VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-bp68-v13h-qufq

Essentials
Severities (16)
References (6)
Severity details (13)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-bp68-v13h-qufq
Aliases	CVE-2024-3568 GHSA-37q5-v5qm-c9v8
Summary	The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine.
Status	Published
Exploitability	0.5
Weighted Severity	3.1
Risk	1.6
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-502	Deserialization of Untrusted Data
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.24427	https://api.first.org/data/v1/epss?cve=CVE-2024-3568
epss	0.24427	https://api.first.org/data/v1/epss?cve=CVE-2024-3568
epss	0.24427	https://api.first.org/data/v1/epss?cve=CVE-2024-3568
cvssv3.1_qr	LOW	https://github.com/advisories/GHSA-37q5-v5qm-c9v8
cvssv3.1	3.4	https://github.com/huggingface/transformers
generic_textual	LOW	https://github.com/huggingface/transformers
cvssv3	3.4	https://github.com/huggingface/transformers/commit/693667b8ac8138b83f8adb6522ddaf42fa07c125
cvssv3.1	3.4	https://github.com/huggingface/transformers/commit/693667b8ac8138b83f8adb6522ddaf42fa07c125
generic_textual	LOW	https://github.com/huggingface/transformers/commit/693667b8ac8138b83f8adb6522ddaf42fa07c125
ssvc	Track	https://github.com/huggingface/transformers/commit/693667b8ac8138b83f8adb6522ddaf42fa07c125
cvssv3	3.4	https://huntr.com/bounties/b3c36992-5264-4d7f-9906-a996efafba8f
cvssv3.1	3.4	https://huntr.com/bounties/b3c36992-5264-4d7f-9906-a996efafba8f
generic_textual	LOW	https://huntr.com/bounties/b3c36992-5264-4d7f-9906-a996efafba8f
ssvc	Track	https://huntr.com/bounties/b3c36992-5264-4d7f-9906-a996efafba8f
cvssv3.1	3.4	https://nvd.nist.gov/vuln/detail/CVE-2024-3568
generic_textual	LOW	https://nvd.nist.gov/vuln/detail/CVE-2024-3568

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2024-3568
		https://github.com/huggingface/transformers
693667b8ac8138b83f8adb6522ddaf42fa07c125		https://github.com/huggingface/transformers/commit/693667b8ac8138b83f8adb6522ddaf42fa07c125
b3c36992-5264-4d7f-9906-a996efafba8f		https://huntr.com/bounties/b3c36992-5264-4d7f-9906-a996efafba8f
CVE-2024-3568		https://nvd.nist.gov/vuln/detail/CVE-2024-3568
GHSA-37q5-v5qm-c9v8		https://github.com/advisories/GHSA-37q5-v5qm-c9v8

No exploits are available.

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://github.com/huggingface/transformers

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://github.com/huggingface/transformers/commit/693667b8ac8138b83f8adb6522ddaf42fa07c125

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://github.com/huggingface/transformers/commit/693667b8ac8138b83f8adb6522ddaf42fa07c125

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-14T17:57:26Z/ Found at https://github.com/huggingface/transformers/commit/693667b8ac8138b83f8adb6522ddaf42fa07c125

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://huntr.com/bounties/b3c36992-5264-4d7f-9906-a996efafba8f

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://huntr.com/bounties/b3c36992-5264-4d7f-9906-a996efafba8f

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-14T17:57:26Z/ Found at https://huntr.com/bounties/b3c36992-5264-4d7f-9906-a996efafba8f

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2024-3568

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.9623
EPSS Score	0.24427
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T16:40:41.840432+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2024/3xxx/CVE-2024-3568.json	38.6.0