CVE-2025-61784: LLaMA-Factory is a tuning library for large language models. Prior to version 0.9.4, a Server-Side Request Forgery (SSRF
Summary
LLaMA-Factory, a library for customizing large language models, has a vulnerability in versions before 0.9.4 that allows authenticated users to exploit SSRF (server-side request forgery, where the server is tricked into making requests to unintended destinations) and LFI (local file inclusion, where attackers can read files directly from the server) by providing malicious URLs to the chat API. The vulnerability exists because the code doesn't validate URLs before making HTTP requests, allowing attackers to access sensitive internal services or read arbitrary files from the server.
Solution / Mitigation
Update to version 0.9.4 or later, which fixes the underlying issue.
Vulnerability Details
7.6(high)
EPSS: 0.0%
Classification
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-61784
First tracked: February 15, 2026 at 08:53 PM
Classified by LLM (prompt v3) · confidence: 95%