CVE-2026-6859: A flaw was found in InstructLab. The `linux_train.py` script hardcodes `trust_remote_code=True` when loading models from
highvulnerability
security
Summary
InstructLab has a security flaw in its `linux_train.py` script that automatically trusts code from external model sources without verification (trust_remote_code=True). An attacker could trick users into downloading a malicious model from HuggingFace (a popular AI model repository) and running training commands, allowing the attacker to execute arbitrary Python code and take over the entire system.
Vulnerability Details
CVSS Score
8.8(high)
EPSS (30-day exploit probability)
EPSS: 0.0%
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
network
Attack Complexity
low
Privileges Required
none
User Interaction
required
Disclosure Date
April 22, 2026
Classification
Attack Type
Supply Chain
Attack SophisticationModerate
Impact (CIA+S)
integrityconfidentiality
Taxonomy References
Affected Vendors
HuggingFace
Related Issues
Monthly digest — independent AI security research
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-6859
First tracked: April 22, 2026 at 02:08 PM
Classified by LLM (prompt v3) · confidence: 92%