Product
critical
advisory
OpenMed RCE via Malicious Hugging Face Model Loading (CVE-2026-47117)
2 rules, 1 TTP
OpenMed before 1.5.2 is vulnerable to remote code execution (CVE-2026-47117) due to broad substring matching in the PII privacy-filter model loading path, allowing an unauthenticated attacker to execute arbitrary code by supplying a malicious Hugging Face model repository containing custom Transformers code.
OpenMed +1
cve
rce
huggingface
medium
advisory
LMDeploy Hardcoded trust_remote_code Enables Remote Code Execution (CVE-2026-46517)
2 rules, 2 TTPs, 1 IOC
LMDeploy <= 0.12.3 is vulnerable to remote code execution (CVE-2026-46517) because it hardcodes `trust_remote_code=True` when calling `transformers.AutoConfig.from_pretrained()`, allowing a malicious Hugging Face repository to execute arbitrary Python code when loaded without user opt-out.
transformers +1
remote code execution
supply chain
lmdeploy