Pulse Tech .news
Back to news
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
The Hacker News April 28, 2026

Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE

CVE-2026-25874 (CVSS 9.3) in LeRobot 0.4.3 allows unauthenticated RCE via pickle over gRPC, risking AI systems and sensitive data.

Advertisement

Advertisement
Read Full Article

More like this

Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor

Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor

The Hacker News

The new Flipper One is a pocket-sized Linux computer

The new Flipper One is a pocket-sized Linux computer

The Verge

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

The Hacker News