Severity:
HIGH RISK
(7.8)
Remote Code Execution via Unsafe Model Configuration Deserialization (CWE-502) in HuggingFace Transformers
CVE-2026-4372
Published:
Status:
Analyzed
Summary
Affected Context
Exploit Preconditions
Why This Happens
Potential Impact
General Mitigation Guidance
How Teams Detect Issues Like This
Frequently Asked Questions
Source
NDV








