logo

Critical RCE Vulnerability Discovered in LLaMA-Factory WebUI

ID: fdae05d7-ceee-5655-bdef-ab8a3d47d848

STIX ID: report--fdae05d7-ceee-5655-bdef-ab8a3d47d848

Feed Name: ThreatCluster

Threat Score
80/100

Date Published: 2026-07-01

Date Updated: 2026-07-02

...
...

A critical remote code execution vulnerability (CVE-2026-58116, CVSS 3.1 score 9.8) affects LLaMA-Factory versions up to 0.9.5: attackers can execute arbitrary Python by supplying malicious model paths via the WebUI Chat and Training interfaces because unvalidated input is passed to Hugging Face model-loading with trust_remote_code enabled. The issue is remotely exploitable according to public reports, has no configuration option to disable the unsafe behavior, and mitigation steps include updating LLaMA-Factory and restricting WebUI access.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.