transformers vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-4372Hightransformers: HuggingFace transformers vulnerable to remote code executionCVE-2026-1839Mediumtransformers: HuggingFace Transformers allows for arbitrary code execution in the `Trainer` classCVE-2025-6921Mediumtransformers: Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the…CVE-2025-6051Mediumtransformers: Hugging Face Transformers library has Regular Expression Denial of ServiceCVE-2025-6638Mediumtransformers: Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizerCVE-2025-5197Mediumtransformers: Hugging Face Transformers Regular Expression Denial of Service (ReDoS) vulnerabilityCVE-2025-3933Mediumtransformers: Transformers is vulnerable to ReDoS attack through its DonutProcessor classCVE-2025-3777Lowtransformers: Transformers's Improper Input Validation vulnerability can be exploited through username injectionCVE-2025-3264Mediumtransformers: Transformers vulnerable to ReDoS attack through its get_imports() functionCVE-2025-3263Mediumtransformers: Transformers's ReDoS vulnerability in get_configuration_file can lead to catastrophic backtrackingCVE-2025-3262Mediumtransformers: Transformers vulnerable to ReDoS attack through its SETTING_RE variableCVE-2025-2099Mediumtransformers: Hugging Face Transformers Regular Expression Denial of ServiceCVE-2025-1194Mediumtransformers: Transformers Regular Expression Denial of Service (ReDoS) vulnerabilityCVE-2024-12720Mediumtransformers: Transformers Regular Expression Denial of Service (ReDoS) vulnerabilityCVE-2024-11392Hightransformers: Deserialization of Untrusted Data in Hugging Face TransformersCVE-2024-11393Hightransformers: Deserialization of Untrusted Data in Hugging Face TransformersCVE-2024-11394Hightransformers: Deserialization of Untrusted Data in Hugging Face TransformersCVE-2024-3568Lowtransformers: Transformers Deserialization of Untrusted Data vulnerabilityCVE-2023-7018Hightransformers: transformers has a Deserialization of Untrusted Data vulnerabilityCVE-2023-6730Criticaltransformers: transformers has a Deserialization of Untrusted Data vulnerabilityCVE-2023-2800Mediumtransformers: transformers has Insecure Temporary File

Stop the waste.
Protect your environment with Kodem.