Hugging Face | writeups.xyz

Title	Vulnerabilities	Programs	Authors
From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms	AI RCE XSS Missing Authentication Container Escape Malicious AI Model Malicious Datasets	Jupyter Hugging Face MLflow KServe Seldon	Ori Hollander Shachar Menashe Natan Nehorai Uriya Yavnieli
My LLM Bug Bounty Journey on Hugging Face Hub via Protect AI	LLM Insecure Deserialization RCE	Hugging Face Protect AI	Peng Zhou
Wiz Research finds architecture risks that may compromise AI-as-a-Service providers and consequently risk customer data; works with Hugging Face on mitigations	AI Malicious AI Model Cloud CI/CD RCE Insecure Deserialization Privilege Escalation Supply Chain Attack Cross-Tenant Vulnerability	Hugging Face	Shir Tamari (@Shirtamari) Sagi Tzadik (@Sagitz_)
Hijacking Safetensors Conversion On Hugging Face	Malicious AI Model Supply Chain Attack	Hugging Face	Eoin Wickens (@Enwckns) Kasimir Schulz (@Abraxus7331)

Page 1 of 1