pickle
-
Critical LeRobot flaw could let attackers run code on robotics systems
A critical flaw in Hugging Face’s LeRobot robotics platform could let an unauthenticated attacker run code on affected systems. The issue is tracked as CVE-2026-25874 and remains unpatched, with a fix planned for version 0.6.0.
-
Three critical bugs in Picklescan could let malicious PyTorch models execute code, researchers say
Researchers disclosed three high-severity vulnerabilities in Picklescan that can be abused to bypass scanning and execute arbitrary code when loading malicious PyTorch models; fixes were released in Picklescan 0.0.31 and related analysis is available from JFrog, SecDim and others.
-
Researchers find widespread remote code execution risk in AI inference engines from unsafe ZMQ and pickle use
Researchers found a recurring insecure pattern — pickle deserialization over unauthenticated ZeroMQ sockets — in multiple AI inference frameworks, creating remote code execution risks across projects including vLLM, NVIDIA TensorRT-LLM, Modular Max Server and SGLang; related research also showed browser and IDE injection risks in Cursor.
