Tag: #deserialization
2 posts tagged deserialization.
- advisory
Model File Format Flaws: Pickle, ONNX, and SafeTensors
Unsafe deserialization in PyTorch's pickle-based format has enabled malicious model distribution for years. This post explains how pickle exploitation
- cve
CVE-2026-7669: Deserialization Flaw in SGLang's Tokenizer Loader
A medium-severity deserialization bug in SGLang's get_tokenizer routine affects all releases up to 0.5.9. The vendor has not responded to the disclosure