{"data":{"id":"3b2488f5-516e-461e-93e1-1091c34eed37","title":"Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs","summary":"A high-severity vulnerability in Hugging Face Transformers (a popular Python library for running AI models) allows attackers to execute malicious code on systems even when developers use the trust_remote_code=false setting, which is meant to block remote code execution. The attack works by hiding malicious instructions in a fake configuration parameter called _attn_implementation_internal that looks like a normal internal setting, leaving no warning messages or traces. This vulnerability affects versions 4.56.0 through 5.2.x and is particularly dangerous because the Transformers library is downloaded millions of times per week and used widely in enterprise environments.","solution":"The vulnerability was silently patched in Transformers version 5.3.0, released on March 3. Users should update to this version or later to receive the fix.","labels":["security"],"sourceUrl":"https://www.csoonline.com/article/4181094/hugging-face-transformers-rce-flaw-enables-stealthy-compromise-via-ai-model-configs.html","publishedAt":"2026-06-04T12:01:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain","model_poisoning"],"issueType":"news","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["Hugging Face","Transformers"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-04T12:01:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}