Vulnerable Library - transformers-4.57.6-py3-none-any.whl
State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow
Library home page: https://files.pythonhosted.org/packages/03/b8/e484ef633af3887baeeb4b6ad12743363af7cce68ae51e938e00aaa0529d/transformers-4.57.6-py3-none-any.whl
Path to dependency file: /ai/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/11/transformers-4.57.6-py3-none-any.whl,/tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/9/transformers-4.57.6-py3-none-any.whl
Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183
Vulnerabilities
| Vulnerability |
Severity |
 CVSS |
Dependency |
Type |
Fixed in (transformers version) |
Remediation Possible** |
| CVE-2026-1839 |
 Medium |
6.5 |
transformers-4.57.6-py3-none-any.whl |
Direct |
transformers - 5.0.0rc3 |
❌ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2026-1839
Vulnerable Library - transformers-4.57.6-py3-none-any.whl
State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow
Library home page: https://files.pythonhosted.org/packages/03/b8/e484ef633af3887baeeb4b6ad12743363af7cce68ae51e938e00aaa0529d/transformers-4.57.6-py3-none-any.whl
Path to dependency file: /ai/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/11/transformers-4.57.6-py3-none-any.whl,/tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/9/transformers-4.57.6-py3-none-any.whl
Dependency Hierarchy:
- ❌ transformers-4.57.6-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183
Found in base branch: main
Vulnerability Details
A vulnerability in the HuggingFace Transformers library, specifically in the "Trainer" class, allows for arbitrary code execution. The "_load_rng_state()" method in "src/transformers/trainer.py" at line 3059 calls "torch.load()" without the "weights_only=True" parameter. This issue affects all versions of the library supporting "torch>=2.2" when used with PyTorch versions below 2.6, as the "safe_globals()" context manager provides no protection in these versions. An attacker can exploit this vulnerability by supplying a malicious checkpoint file, such as "rng_state.pth", which can execute arbitrary code when loaded. The issue is resolved in version v5.0.0rc3.
Publish Date: 2026-04-07
URL: CVE-2026-1839
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: Low
- Availability Impact: High
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: GHSA-69w3-r845-3855
Release Date: 2026-04-07
Fix Resolution: transformers - 5.0.0rc3
Step up your Open Source Security Game with Mend here
State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow
Library home page: https://files.pythonhosted.org/packages/03/b8/e484ef633af3887baeeb4b6ad12743363af7cce68ae51e938e00aaa0529d/transformers-4.57.6-py3-none-any.whl
Path to dependency file: /ai/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/11/transformers-4.57.6-py3-none-any.whl,/tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/9/transformers-4.57.6-py3-none-any.whl
Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
Vulnerable Library - transformers-4.57.6-py3-none-any.whl
State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow
Library home page: https://files.pythonhosted.org/packages/03/b8/e484ef633af3887baeeb4b6ad12743363af7cce68ae51e938e00aaa0529d/transformers-4.57.6-py3-none-any.whl
Path to dependency file: /ai/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/11/transformers-4.57.6-py3-none-any.whl,/tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/9/transformers-4.57.6-py3-none-any.whl
Dependency Hierarchy:
Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183
Found in base branch: main
Vulnerability Details
A vulnerability in the HuggingFace Transformers library, specifically in the "Trainer" class, allows for arbitrary code execution. The "_load_rng_state()" method in "src/transformers/trainer.py" at line 3059 calls "torch.load()" without the "weights_only=True" parameter. This issue affects all versions of the library supporting "torch>=2.2" when used with PyTorch versions below 2.6, as the "safe_globals()" context manager provides no protection in these versions. An attacker can exploit this vulnerability by supplying a malicious checkpoint file, such as "rng_state.pth", which can execute arbitrary code when loaded. The issue is resolved in version v5.0.0rc3.
Publish Date: 2026-04-07
URL: CVE-2026-1839
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: Low
- Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-69w3-r845-3855
Release Date: 2026-04-07
Fix Resolution: transformers - 5.0.0rc3
Step up your Open Source Security Game with Mend here