CVE-2025-53002
- Source
- https://cve.org/CVERecord?id=CVE-2025-53002
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-53002.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-53002
- Aliases
- Published
- 2025-06-26T14:40:52.764Z
- Modified
- 2026-04-10T05:29:23.099036Z
- Severity
-
- 8.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H CVSS Calculator
- Summary
- LLaMA-Factory Remote Code Execution (RCE) Vulnerability
- Details
-
LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLaMA-Factory versions up to and including 0.9.3 during the LLaMA-Factory training process. This vulnerability arises because the
vhead_fileis loaded without proper safeguards, allowing malicious attackers to execute arbitrary malicious code on the host system simply by passing a maliciousCheckpoint pathparameter through theWebUIinterface. The attack is stealthy, as the victim remains unaware of the exploitation. The root cause is that thevhead_fileargument is loaded without the secure parameterweights_only=True. Version 0.9.4 contains a fix for the issue. - Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/53xxx/CVE-2025-53002.json", "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-502", "CWE-94" ] }- References
-
- https://drive.google.com/file/d/1AddKm2mllsXfuvL4Tvbn_WJdjEOYXx4y/view?usp=sharing
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/53xxx/CVE-2025-53002.json
- https://github.com/hiyouga/LLaMA-Factory/security/advisories/GHSA-xj56-p8mm-qmxj
- https://nvd.nist.gov/vuln/detail/CVE-2025-53002
- https://github.com/hiyouga/LLaMA-Factory/commit/bb7bf51554d4ba8432333c35a5e3b52705955ede
Affected packages
Git / github.com/hiyouga/llama-factory
Affected ranges
- Type
- GIT
- Repo
- https://github.com/hiyouga/llama-factory
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed