← signals
2026-07-13·HUGGINGFACE·security risk
highdown

On July 7, 2026, the Open Source Vulnerability (OSV) database published a cluster of 12 advisories (PYSEC-2026-1977...

On July 7, 2026, the Open Source Vulnerability (OSV) database published a cluster of 12 advisories (PYSEC-2026-1977 through PYSEC-2026-1988) detailing vulnerabilities in the Hugging Face Transformers library.

window 10devidence 88confidence score 100

confidence score

Strong evidence: 3 independent source classes support this read.

100
high confidence3 independent source classesotherpasses publish gate

signal brief

On July 7, 2026, the Open Source Vulnerability (OSV) database published a cluster of 12 advisories (PYSEC-2026-1977 through PYSEC-2026-1988) detailing vulnerabilities in the Hugging Face Transformers library. The advisories include multiple Regular Expression Denial of Service (ReDoS) vulnerabilities (CVE-2025-3933, CVE-2025-3262, CVE-2025-6921, CVE-2025-6638, CVE-2024-12720, CVE-2025-5197, CVE-2025-1194, CVE-2025-3264, CVE-2025-3263, CVE-2025-6051), a deserialization vulnerability (CVE-2024-3568), and an improper input validation vulnerability (CVE-2025-3777). These vulnerabilities affect core components like the DonutProcessor, MarianTokenizer, AdamWeightDecay optimizer, and configuration file handling. Exploitation could lead to service disruption or arbitrary code execution. The sheer number and breadth of these CVEs raise significant security concerns for organizations relying on the Transformers library. Hugging Face released version 5.13.1 on July 11, likely addressing some of these issues, but no official patch notes have been provided. This event signals a negative security posture for Hugging Face's key product.

What the sources said:

  • OSV advisory PYSEC-2026-1977: "Transformers is vulnerable to ReDoS attack through its DonutProcessor class" (source).
  • OSV advisory PYSEC-2026-1978: "Transformers Deserialization of Untrusted Data vulnerability" (source).
  • OSV advisory PYSEC-2026-1986: "Transformers's Improper Input Validation vulnerability can be exploited through username injection" (source).

source data used

Decision support, not stock advice. This signal is research with cited evidence — not a recommendation to buy, sell, or hold any security.