Tag
#huggingface
3 posts tagged huggingface.
- advisory
Model File Format Flaws: Pickle, ONNX, and SafeTensors
Unsafe deserialization in PyTorch's pickle-based format has enabled malicious model distribution for years. This post explains how pickle exploitation
- deep-dive
LLM Supply Chain Poisoning: Training Data Attacks and Backdoors
Training data poisoning and model supply chain attacks are among the hardest AI threats to detect. This post explains how they work, what public research
- cve
CVE-2026-7669: Deserialization Flaw in SGLang's Tokenizer Loader
A medium-severity deserialization bug in SGLang's get_tokenizer routine affects all releases up to 0.5.9. The vendor has not responded to the disclosure