Huggingface

Security researcher Valentin Lobstein discovers CVSS 9.8 pickle deserialization vulnerabilities in LeRobot, ktransformers, and LightLLM. ML frameworks using pickle for network serialization create widespread attack surface.