{"data":{"id":"902ffb8c-9761-4328-bba1-100123d82c71","title":"CVE-2026-58116: LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to ex","summary":"LLaMA-Factory (a tool for customizing large language models) versions up to 0.9.5 has a remote code execution vulnerability where attackers with access to the web interface can run malicious code by providing a fake model path in the Chat or Training sections. The vulnerability exists because the application doesn't validate user input before passing it to code that loads models, and it uses a setting called trust_remote_code=True, which tells the underlying Hugging Face library to automatically execute any code included with the model files.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-58116","publishedAt":"2026-06-30T13:19:18.490Z","cveId":"CVE-2026-58116","cweIds":["CWE-94","CWE-829"],"cvssScore":"9.8","cvssSeverity":"critical","severity":"critical","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["LLaMA-Factory","HuggingFace transformers"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-06-30T13:19:18.490Z","capecIds":["CAPEC-242","CAPEC-437"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"framework","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":["AML.T0010"]}}