Bounties
Partners
Community
Info
huggingface / transformers
Project repository
🤗 Transformers: State-of-the-art Machine Learning for Pytorch, TensorFlow, and JAX.
Submit a report
FIRST INTERACTION
WITHIN
7 DAYS
REVIEW
WITHIN
68 DAYS
FIX
WITHIN
80 DAYS
Remote Code Execution in Hugging Face Transformers via trust_remote_code=True Us...
Apr 15th 2025
michaelpierre
•
informative
High
Sandbox Escape in Python Code Interpreter Tool in transformers
Apr 17th 2025
jackfromeast
•
informative
High
Code Injection via Unsafe Model Configuration in transformershubconf.py
Apr 11th 2025
54j4n
•
informative
Critical
Potential Arbitrary Code Execution Vulnerability in convert_mlcvnets_to_pytorch....
Apr 14th 2025
kexinoh
•
informative
High
ReDOS Vulnerability
Mar 19th 2025
aydinnyunus
•
duplicate
High
Regular expression Denial of Service - ReDoS
Apr 29th 2025
taiphung217
•
Medium
•
$125
Medium
•
$125
•
CVE-2025-1194
CVE-2025-1194
Regular expression Denial of Service - ReDoS
Mar 10th 2025
taiphung217
•
Medium
•
$125
Medium
•
$125
•
CVE-2024-12720
CVE-2024-12720
WaitCanDeadlock
Jan 6th 2025
amanhasan01
•
informative
Critical
Path Traversal
Mar 5th 2025
amanhasan01
•
spam
Remote Code Execution via Unsafe Torch Load in TransfoXLCorpus
Mar 3rd 2025
zpbrent
•
Low
•
$20
Low
•
$20
Malicious model deployed in HF repo to reversed RCE and worm infection by RealmR...
Nov 20th 2024
azraelxuemo
•
duplicate
High
ZDI-CAN-25424: Hugging Face Transformers Transformer-XL Model Deserialization of...
Dec 17th 2024
zdi-disclosures
•
informative
High
ZDI-CAN-25423: Hugging Face Transformers Perceiver Model Deserialization of Untr...
Oct 17th 2024
zdi-disclosures
•
duplicate
High
ZDI-CAN-25012: New Vulnerability Report
Oct 14th 2024
zdi-disclosures
•
informative
High
ZDI-CAN-25191: Hugging Face Transformers MaskFormer Model Deserialization of Unt...
Oct 14th 2024
zdi-disclosures
•
informative
High
Improper sanitization of Branch Name Leads to Arbitrary Code Injection
Oct 14th 2024
arunstar
•
informative
High
ZDI-CAN-24322: Hugging Face Transformers MobileViTV2 Deserialization of Untruste...
Oct 14th 2024
zdi-disclosures
•
informative
High
RCE when loading HuggingFace Hub tool from a collection using the ToolCollection
Sep 5th 2024
wangxuefei0912
•
duplicate
High
Access tokens exposure in git repo
Aug 9th 2024
giantathos
•
informative
None
Remote Code Execution through Deserilization of Untrusted data in convert_maskfo...
Aug 19th 2024
piyush-bhor
•
informative
High
Code execution with CodeAgent
Aug 13th 2024
0gur1
•
informative
High
Insecure Temporary File
May 13th 2024
h2oa
•
informative
Medium
OS command injection
Apr 8th 2024
tuna18dv
•
informative
Critical
RCE when loading HuggingFace Hub 'tools' in 'src/transformers/tools/base.py' ->...
Apr 30th 2024
retr0reg
•
Medium
•
$125
Medium
•
$125
test
Mar 9th 2024
lengochoa7112000
•
self closed
Transformers has a Deserialization of Untrusted Data vulnerability
Mar 27th 2024
retr0reg
•
Low
•
$20
Low
•
$20
•
CVE-2024-3568
CVE-2024-3568
ReDos in tokenization_gptsan_japanese.py#L466
Jan 26th 2024
lujiefsi
•
spam
Malicious model deployed in HF repo to reversed RCE and worm infection by RagRet...
Dec 12th 2023
zpbrent
•
Critical
•
$1500
Critical
•
$1500
•
CVE-2023-6730
CVE-2023-6730
An unverified deserialized data stream of function trust was found in transform...
Nov 22nd 2023
carnival-z
•
informative
Critical
Time of check time of use (toctou) Race Condition
Nov 22nd 2023
hiu240900
•
not applicable
Arbitrary Code Execution via YAML Deserialisation
Nov 22nd 2023
b3ef
•
informative
Medium
Remote Code Execution (RCE)
Oct 5th 2023
ready-research
•
self closed
Stored XSS reflected on model endpoint
Oct 31st 2023
immortalengine1
•
informative
Critical
Re: “Per-reference”: Enter: Brute-Level Bot
Oct 19th 2023
xavier6
•
spam
Malicious model to RCE by vocab file load in TransfoXLTokenizer (as well as the...
Dec 20th 2023
zpbrent
•
Critical
•
$1500
Critical
•
$1500
•
CVE-2023-7018
CVE-2023-7018
Deserialisation of Untrusted data Leading to Arbitrary Code Execution
Aug 22nd 2023
b3ef
•
not applicable
Unsafe `yaml.load` is used in `convert_mlcvnets_to_pytorch` and `convert_marian_...
Oct 14th 2024
lyutoon
•
informative
High
Unsafe deserialize
Apr 12th 2024
nhienit2010
•
self closed
RATE CONDITION LEAD TO DOS
Apr 16th 2023
novemberdad
•
not applicable
CORS - In COmments reaction..
Apr 3rd 2023
panveanyy
•
spam
CVE-2021-30473 - Detected
Mar 8th 2023
saintsconnor
•
informative
Critical
Buffer Overflow - aom/libaom0@1.0.0.errata1-3
Mar 8th 2023
saintsconnor
•
informative
Critical
Vulnearble to path travelsal
Mar 8th 2023
0xparth
•
informative
Critical
Amazon AWS S3 Bucket Misconfigurations (Upload, Dowload, List out any file to S3...
Feb 23rd 2024
harshbanshpal
•
informative
Critical
EXIF Geolocation Data Not Stripped From Uploaded Profile Images in https://huggi...
Feb 23rd 2024
harshbanshpal
•
informative
Medium
Inefficient Regular Expression Complexity(ReDoS)
Mar 8th 2023
ready-research
•
informative
High
Insecure Temporary File
May 18th 2023
ready-research
•
Medium
•
$980
Medium
•
$980
•
CVE-2023-2800
CVE-2023-2800
Command Injection in utils/check_self_hosted_runner.py
Mar 8th 2023
danmcinerney
•
informative
Low
Lack of Character Limit in Full Name Sections Leads to Denial of Service in
Jan 23rd 2023
7h3h4ckv157
•
not applicable
Inefficient Regular Expression Complexity
Mar 8th 2023
dwisiswant0
•
informative
Medium
CRITICAL
$1500
HIGH
$750
MEDIUM
$125
LOW
$20
