PYSEC-2026-1965

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/text-generation/PYSEC-2026-1965.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-1965
Aliases
Published
2026-07-07T16:03:21.466506Z
Modified
2026-07-07T17:48:05.289553694Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Hugging Face Text Generation Inference vulnerable to Uncontrolled Resource Consumption
Details

A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET request, reading the entire response body into memory and cloning it before decoding. This behavior can lead to resource exhaustion, including network bandwidth saturation, memory inflation, and CPU overutilization. The vulnerability is triggered even if the request is later rejected for exceeding token limits. The default deployment configuration, which lacks memory usage limits and authentication, exacerbates the impact, potentially crashing the host machine. The issue is resolved in version 3.3.7.

References

Affected packages

PyPI / text-generation

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.3.7

Affected versions

0.*
0.1.0
0.2.0
0.2.1
0.3.0
0.3.1
0.4.0
0.4.1
0.5.0
0.5.1
0.5.2
0.6.0
0.6.1
0.7.0

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/text-generation/PYSEC-2026-1965.yaml"