CVE-2025-53002: LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLa
highvulnerabilityLLM-Specific
security
Summary
LLaMA-Factory, a library for training large language models, has a remote code execution vulnerability (RCE, where attackers can run malicious code on a victim's computer) in versions up to 0.9.3. Attackers can exploit this by uploading a malicious checkpoint file through the web interface, and the victim won't know they've been compromised because the vulnerable code loads files without proper safety checks.
Solution / Mitigation
Update to version 0.9.4, which contains a fix for the issue.
Vulnerability Details
CVSS Score
8.3(high)
EPSS (30-day exploit probability)
EPSS: 1.3%
Classification
Attack Type
Supply Chain
Attack SophisticationModerate
Impact (CIA+S)
integrityconfidentiality
Affected Vendors
LlamaIndex
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-53002
First tracked: February 15, 2026 at 08:53 PM
Classified by LLM (prompt v3) · confidence: 95%