A critical vulnerability (CVE-2026-4372) in the HuggingFace Transformers library allows remote code execution via malicious model configuration files, bypassing existing security controls. This flaw affects versions 4.56.0 through 5.2.x when used with the kernels package, enabling attackers to execute arbitrary Python code during model loading from HuggingFace Hub without user consent. HuggingFace fixed the issue in version 5.3.0 and advises users to upgrade immediately and audit their environments to mitigate supply chain risks in AI workflows.
https://cybersecuritynews.com/hugging-face-rce-vulnerability/
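The advisory's mitigation is to upgrade and audit environments. The following is an added example (not code from the advisory or from Hugging Face) of such an audit check: it reads the installed `transformers` and `kernels` versions and flags the combination described above. It assumes the affected range is exactly 4.56.0 <= transformers < 5.3.0 (the page's "4.56.0 through 5.2.x", fixed in 5.3.0) and that exposure additionally requires the `kernels` package to be present, as the page states; the function and constant names are this example's own.

```python
"""Environment audit for the affected transformers/kernels combination.

Added example, not project code. Assumes the affected range is
4.56.0 <= transformers < 5.3.0 and that the 'kernels' package must also
be installed for the flaw to be reachable.
"""
from importlib import metadata

AFFECTED_MIN = (4, 56, 0)   # first affected release (page: 4.56.0)
FIXED = (5, 3, 0)           # first fixed release (page: 5.3.0)


def parse_version(text):
    """Return the leading numeric components of a version string as a 3-tuple.

    Local/pre-release suffixes ('5.2.1+cu121', '5.3.0rc1', '5.3.0.dev0') are
    truncated, so a pre-release of 5.3.0 is reported as 5.3.0; treat such
    builds as unverified and inspect them by hand.
    """
    parts = []
    for piece in text.split("+", 1)[0].split("."):
        digits = ""
        for ch in piece:
            if ch.isdigit():
                digits += ch
            else:
                break
        if not digits:          # e.g. 'dev0' -> stop here
            break
        parts.append(int(digits))
        if digits != piece:     # e.g. '0rc1' -> keep the 0, then stop
            break
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def transformers_is_vulnerable(transformers_version, kernels_installed):
    """True when transformers is in the affected range AND kernels is present."""
    v = parse_version(transformers_version)
    return bool(kernels_installed) and AFFECTED_MIN <= v < FIXED


def installed_version(name):
    """Installed distribution version, or None if the package is absent."""
    try:
        return metadata.version(name)
    except metadata.PackageNotFoundError:
        return None


def audit_environment():
    """Inspect the running interpreter and return the findings as a dict."""
    tv = installed_version("transformers")
    kv = installed_version("kernels")
    finding = {"transformers": tv, "kernels": kv, "vulnerable": False}
    if tv is not None:
        finding["vulnerable"] = transformers_is_vulnerable(tv, kv is not None)
    return finding


if __name__ == "__main__":
    result = audit_environment()
    print(result)
    if result["vulnerable"]:
        print("Affected combination installed: upgrade transformers to >= 5.3.0")
```

Run it inside each Python environment that loads models from the Hub (CI runners and notebook kernels included); an environment without `kernels` installed is reported as not affected by this particular issue, but upgrading past 5.3.0 is still the advised fix.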

