pypi

transformers

35 Total advisories
35 Vulnerabilities
0 Malware

Vulnerabilities

HIGH 8.8
PyPI

CVE-2023-6730

HIGH 7.8
PyPI

CVE-2023-7018

MEDIUM 4.7
PyPI

CVE-2023-2800

HIGH 7.5
PyPI

CVE-2025-2099

HIGH 8.8
PyPI

CVE-2024-11392

HIGH 8.8
PyPI

CVE-2024-11394

HIGH 8.8
PyPI

CVE-2024-11393

HIGH 7.8
PyPI

CVE-2025-14930

HIGH 7.8
PyPI

CVE-2025-14928

HIGH 7.8
PyPI

CVE-2025-14926

HIGH 7.8
PyPI

CVE-2025-14927

HIGH 7.8
PyPI

CVE-2025-14920

HIGH 7.8
PyPI

CVE-2025-14921

HIGH 7.8
PyPI

CVE-2025-14924

HIGH 7.8
PyPI

CVE-2025-14929

MEDIUM 6.5
PyPI

CVE-2026-1839

HuggingFace Transformers allows for arbitrary code execution in the `Trainer` class

HIGH 8.8
PyPI

CVE-2024-11393

Deserialization of Untrusted Data in Hugging Face Transformers

MEDIUM 5.3
PyPI

CVE-2025-6051

Hugging Face Transformers library has Regular Expression Denial of Service

MEDIUM 4.3
PyPI

CVE-2025-1194

Transformers Regular Expression Denial of Service (ReDoS) vulnerability

HIGH 8.8
PyPI

CVE-2024-11394

Deserialization of Untrusted Data in Hugging Face Transformers

MEDIUM 5.3
PyPI

CVE-2024-12720

Transformers Regular Expression Denial of Service (ReDoS) vulnerability

MEDIUM 5.3
PyPI

CVE-2025-3933

Transformers is vulnerable to ReDoS attack through its DonutProcessor class

MEDIUM 5.3
PyPI

CVE-2025-5197

Hugging Face Transformers Regular Expression Denial of Service (ReDoS) vulnerability

MEDIUM 5.3
PyPI

CVE-2025-6638

Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer

LOW 3.5
PyPI

CVE-2025-3777

Transformers's Improper Input Validation vulnerability can be exploited through username injection

HIGH 7.5
PyPI

CVE-2024-11392

Deserialization of Untrusted Data in Hugging Face Transformers

MEDIUM 5.3
PyPI

CVE-2025-6921

Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer

MEDIUM 5.3
PyPI

CVE-2025-2099

Hugging Face Transformers Regular Expression Denial of Service

MEDIUM 5.3
PyPI

CVE-2025-3262

Transformers vulnerable to ReDoS attack through its SETTING_RE variable

MEDIUM 5.3
PyPI

CVE-2025-3264

Transformers vulnerable to ReDoS attack through its get_imports() function

MEDIUM 5.3
PyPI

CVE-2025-3263

Transformers's ReDoS vulnerability in get_configuration_file can lead to catastrophic backtracking

CRITICAL 9.0
PyPI

CVE-2023-6730

transformers has a Deserialization of Untrusted Data vulnerability

HIGH 7.8
PyPI

CVE-2023-7018

transformers has a Deserialization of Untrusted Data vulnerability

MEDIUM 4.7
PyPI

CVE-2023-2800

transformers has Insecure Temporary File

LOW 3.4
PyPI

CVE-2024-3568

Transformers Deserialization of Untrusted Data vulnerability
