Platform
python
Component
transformers
Fixed in
4.57.1
CVE-2025-14927 is a Remote Code Execution (RCE) vulnerability affecting Hugging Face Transformers versions 4.57.0 through 4.57.0. This flaw allows attackers to execute arbitrary code on systems running the vulnerable software by exploiting a weakness in the checkpoint conversion process. A fix is available in version 4.57.1, and users are strongly advised to upgrade immediately.
The impact of this vulnerability is significant, as it allows an attacker to gain complete control over the affected system. By crafting a malicious checkpoint and tricking a user into converting it, an attacker can execute arbitrary code in the context of the Transformers process. This could lead to data theft, system compromise, and potentially lateral movement within the network. The vulnerability's reliance on user interaction to convert the malicious checkpoint limits the immediate exploitability, but the potential for widespread impact remains high, especially in environments where checkpoint conversion is a common operation.
This vulnerability was publicly disclosed on 2025-12-23. No public proof-of-concept (PoC) code has been released as of this writing, but the RCE nature of the vulnerability suggests a high likelihood of PoC development. The CVSS score of 7.8 (HIGH) indicates a significant risk. It is not currently listed on the CISA KEV catalog, but this could change if exploitation is observed.
Exploit Status
EPSS
0.10% (27% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-14927 is to upgrade Hugging Face Transformers to version 4.57.1 or later. Until the upgrade can be performed, consider restricting access to checkpoint conversion functionality to trusted users only. Implement input validation and sanitization on any user-supplied data used in the conversion process. While a direct WAF rule is unlikely to be effective, monitoring for unusual process execution patterns after checkpoint conversion could provide early detection. After upgrading, confirm the fix by attempting to convert a known-safe checkpoint and verifying that no unexpected code is executed.
Actualice la biblioteca Hugging Face Transformers a una versión posterior a la 4.57.0. Esto solucionará la vulnerabilidad de inyección de código en la función convert_config. Asegúrese de obtener la versión actualizada desde la fuente oficial de Hugging Face.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-14927 is a Remote Code Execution vulnerability in Hugging Face Transformers versions 4.57.0–4.57.0, allowing attackers to execute arbitrary code via malicious checkpoint conversion.
You are affected if you are using Hugging Face Transformers versions 4.57.0 through 4.57.0. Check your installed version using pip show transformers.
Upgrade Hugging Face Transformers to version 4.57.1 or later. Restrict access to checkpoint conversion functionality until the upgrade is complete.
While no active exploitation has been confirmed, the RCE nature of the vulnerability suggests a high likelihood of exploitation. Monitor your systems for suspicious activity.
Refer to the Hugging Face security advisory for detailed information and updates: [https://huggingface.co/docs/security/CVE-2025-14927](https://huggingface.co/docs/security/CVE-2025-14927)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.