Critical Hugging Face Transformers Vulnerability Enables Remote Code Execution Attacks
ID: 49256477-48f2-5f8b-97f7-94e6f120a115
STIX ID: report--49256477-48f2-5f8b-97f7-94e6f120a115
Feed Name: cybersecurityNews.com
A critical RCE vulnerability (CVE-2026-4372) in the Hugging Face Transformers library allowed attackers to execute arbitrary Python code by supplying a malicious model config (the _attn_implementation_internal field) hosted on Hugging Face Hub, bypassing trust_remote_code protections. The flaw affected versions 4.56.0 through 5.2.x when used with the optional kernels package between August 2025 and March 2026 and was remediated in version 5.3.0; organizations are urged to upgrade, audit downloaded models, and isolate model execution to mitigate supply-chain risk.
