Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-w57w-5mrk-cqbr
Vulnerability ID VCID-w57w-5mrk-cqbr
Aliases CVE-2025-5197
GHSA-9356-575x-2w9m
Summary Hugging Face Transformers Regular Expression Denial of Service (ReDoS) vulnerability A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the `convert_tf_weight_name_to_pt_weight_name()` function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern `/[^/]*___([^/]*)/` that can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. The vulnerability affects versions up to 4.51.3 and is fixed in version 4.53.0. This issue can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting model conversion processes between TensorFlow and PyTorch formats.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1333 Inefficient Regular Expression Complexity
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3 5.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5197.json
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2025-5197
cvssv3.1 5.3 https://github.com/huggingface/transformers
generic_textual MODERATE https://github.com/huggingface/transformers
cvssv3.1 5.3 https://github.com/huggingface/transformers/commit/701caef704e356dc2f9331cc3fd5df0eccb4720a
generic_textual MODERATE https://github.com/huggingface/transformers/commit/701caef704e356dc2f9331cc3fd5df0eccb4720a
cvssv3 5.3 https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b
cvssv3.1 5.3 https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b
generic_textual MODERATE https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b
ssvc Track https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b
cvssv3 5.3 https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf
cvssv3.1 5.3 https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf
generic_textual MODERATE https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf
ssvc Track https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf
cvssv3.1 5.3 https://nvd.nist.gov/vuln/detail/CVE-2025-5197
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2025-5197
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5197.json
https://api.first.org/data/v1/epss?cve=CVE-2025-5197
https://github.com/huggingface/transformers
https://github.com/huggingface/transformers/commit/701caef704e356dc2f9331cc3fd5df0eccb4720a
https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b
https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf
2386842 https://bugzilla.redhat.com/show_bug.cgi?id=2386842
CVE-2025-5197 https://nvd.nist.gov/vuln/detail/CVE-2025-5197
GHSA-9356-575x-2w9m https://github.com/advisories/GHSA-9356-575x-2w9m
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5197.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/huggingface/transformers
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/huggingface/transformers/commit/701caef704e356dc2f9331cc3fd5df0eccb4720a
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T13:02:53Z/ Found at https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T13:02:53Z/ Found at https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2025-5197
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.26595
EPSS Score 0.00096
Published At June 5, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:24:33.014948+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/transformers/CVE-2025-5197.yml 38.6.0