The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of ...

Palo Alto found critical flaws in AI/ML libraries NeMo, Uni2TS, and FlexTok Vulnerabilities allowed arbitrary code execution via malicious model metadata All patched by mid-2025; no exploitation ...