Platform
python
Component
transformers
Fixed version
4.57.1
CVE-2025-14926 describes a Remote Code Execution (RCE) vulnerability in Hugging Face Transformers version 4.57.0. The flaw stems from insufficient validation of user-supplied strings during the configuration conversion process, which lets an attacker execute arbitrary code. Exploitation requires user interaction: the victim must convert a malicious checkpoint. A patch is available in version 4.57.1.
Successful exploitation of CVE-2025-14926 allows an attacker to execute arbitrary code on a system running a vulnerable Hugging Face Transformers instance. This could lead to complete system compromise, including data theft, modification, or destruction. The attacker needs to trick a user into converting a specially crafted checkpoint file. The code will execute in the context of the user running the Transformers code, potentially granting access to sensitive data or resources. This vulnerability shares similarities with other code injection flaws where unchecked user input is used to construct and execute code, potentially leading to a complete takeover of the affected environment.
CVE-2025-14926 was published on December 23, 2025. The vulnerability's exploitation context is currently unclear, and no public proof-of-concept (PoC) has been released. Its EPSS score is pending evaluation. Monitor security advisories and threat intelligence feeds for any indications of active exploitation.
Developers and researchers using Hugging Face Transformers for natural language processing tasks are at risk. Specifically, those who routinely download and convert checkpoint files from external sources or integrate Transformers into automated pipelines are particularly vulnerable. Shared hosting environments where multiple users have access to the Transformers installation are also at increased risk.
• python / transformers:
```python
import subprocess
result = subprocess.run(['transformers', 'convert_config', '--input', 'malicious_checkpoint.json'], capture_output=True, text=True)
print(result.stderr)
```
• python / transformers: Monitor for unusual process execution related to the transformers package, especially when handling checkpoint files.
• python / transformers: Check for modified or newly created files in the Transformers installation directory after checkpoint conversion.
• python / transformers: Review system logs for errors or warnings related to checkpoint conversion or configuration loading.
disclosure
Exploit status
EPSS
0.10% (27th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-14926 is to upgrade Hugging Face Transformers to version 4.57.1 or later. If upgrading immediately is not feasible, carefully scrutinize any checkpoint files before conversion, especially those from untrusted sources. Consider implementing input validation and sanitization within your code to prevent the execution of malicious code. While a WAF or proxy cannot directly prevent this vulnerability, they can be configured to detect and block suspicious checkpoint file uploads or conversions. There are no specific Sigma or YARA rules available at this time, but monitoring for unusual process execution related to Transformers is recommended.
Update the Hugging Face Transformers library to a version later than 4.57.0. This fixes the code injection vulnerability in the convert_config function. Avoid converting checkpoints from untrusted sources.
CVE-2025-14926 is a Remote Code Execution vulnerability in Hugging Face Transformers version 4.57.0 that allows attackers to execute arbitrary code by exploiting a flaw in the checkpoint conversion process.
If you are using Hugging Face Transformers version 4.57.0, you are potentially affected by this vulnerability. Upgrade to 4.57.1 or later to mitigate the risk.
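One way to check a dependency manifest for the affected release, as an added example that is not part of the original advisory or of the Transformers project: it parses requirements.txt-style lines and flags transformers entries that pin or still permit 4.57.0. The specifier handling is a simplified subset of PEP 440 written for this example, and the sample manifest is constructed.

```python
import re

AFFECTED = (4, 57, 0)  # the only affected release this page lists (fixed in 4.57.1)
REQ = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*([^;#]*)")
CLAUSE = re.compile(r"^(==|!=|~=|<=|>=|<|>)\s*(\d+(?:\.\d+)*)(\.\*)?$")

def clause_allows(clause):
    """True if one specifier clause (e.g. '>=4.50') admits AFFECTED."""
    m = CLAUSE.match(clause.strip())
    if not m:
        return True  # unparsed clause (pre-release tag etc.): stay conservative
    op, ver, wildcard = m.groups()
    v = tuple(int(p) for p in ver.split("."))
    full = v + (0,) * (3 - len(v))  # pad '4.57' to (4, 57, 0)
    if wildcard:  # '==4.57.*' and '!=4.57.*' compare the prefix only
        hit = AFFECTED[:len(v)] == v
        return not hit if op == "!=" else hit
    if op == "~=":  # compatible release: >= v with the same leading parts
        return AFFECTED >= full and AFFECTED[:len(v) - 1] == v[:-1]
    return {"==": AFFECTED == full, "!=": AFFECTED != full,
            ">=": AFFECTED >= full, "<=": AFFECTED <= full,
            ">": AFFECTED > full, "<": AFFECTED < full}[op]

def scan_requirements(text):
    """Return (line_no, line, verdict) for transformers entries that pin or
    permit the affected release."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        m = REQ.match(line)
        if not m or re.sub(r"[-_.]+", "-", m.group(1)).lower() != "transformers":
            continue
        clauses = [c for c in m.group(2).split(",") if c.strip()]
        if all(clause_allows(c) for c in clauses):
            exact = any(c.strip().startswith("==") for c in clauses)
            findings.append((no, line, "pinned-affected" if exact else "allows-affected"))
    return findings

# Constructed sample input, not taken from any real project.
SAMPLE = """\
# inference service
torch>=2.2
sentence-transformers==4.57.0
Transformers[torch] == 4.57.0  # pinned during migration
transformers>=4.40,<4.57.1
transformers==4.57.1
"""

if __name__ == "__main__":
    for finding in scan_requirements(SAMPLE):
        print(finding)
```

A manifest only shows what is declared; confirm the installed release with `importlib.metadata.version("transformers")` or `pip show transformers`.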
The recommended fix is to upgrade Hugging Face Transformers to version 4.57.1 or a later version. If immediate upgrade is not possible, carefully validate checkpoint files before conversion.
Currently, there are no confirmed reports of active exploitation of CVE-2025-14926, but monitoring for exploitation is recommended.
Refer to the Hugging Face security advisories page for the latest information and updates regarding CVE-2025-14926: [https://huggingface.co/docs/security](https://huggingface.co/docs/security)