CVE-2026-25874: Unpatched RCE Flaw in Hugging Face LeRobot
CVE-2026-25874 (CVSS 9.3) in Hugging Face LeRobot enables unauthenticated RCE via unsafe deserialization.

Executive Summary
A critical unauthenticated remote code execution (RCE) vulnerability, tracked as CVE-2026-25874 (CVSS 9.3), has been disclosed in Hugging Face's LeRobot open-source robotics platform. The flaw stems from unsafe deserialization of untrusted data, allowing an unauthenticated attacker to execute arbitrary code on any network-reachable instance of the platform. LeRobot has approximately 24,000 GitHub stars and is used by robotics researchers and developers for simulation and control. As of publication, no patch has been released, and the maintainers have not confirmed a fix timeline.
Technical Analysis
According to the researchers who disclosed the flaw to The Hacker News, CVE-2026-25874 is a classic untrusted-data deserialization vulnerability: a LeRobot component reconstructs objects from data it receives without verifying where the data came from or restricting which types and callables may be reconstructed, so an attacker who supplies a crafted serialized object obtains arbitrary code execution when it is processed. Neither the serialization format nor the receiving component is identified here. The vulnerability is exploitable without authentication, so any network-reachable instance of LeRobot is at risk.
The CVSS 9.3 score reflects the ease of exploitation (network vector, low complexity, no privileges required, no user interaction) and full impact on confidentiality, integrity, and availability. A 9.3 with those characteristics is a CVSS v4.0 base score; the equivalent v3.1 vector scores 9.8, which matters when the number is compared against older advisories. The exact code path and affected module have not been publicly detailed, to give users time to apply mitigations.
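Because the advisory names the vulnerability class but not the code path or format, the following added example (written for this article, not taken from LeRobot or the disclosure) shows the class in Python, the language LeRobot is written in, using the standard pickle module on the assumption, which the disclosure does not confirm, that a pickle-style loader is involved. Every name in it (MaliciousPayload, build_payload, vulnerable_load, ALLOWED_GLOBALS, RestrictedUnpickler, safe_load, demo) is illustrative. The constructed payload calls eval on a harmless expression so the demo is safe to run; a real attacker would substitute os.system or subprocess.

```python
"""Untrusted-data deserialization in Python: vulnerable loader vs. allowlisted loader.

Added illustration of the vulnerability class. It does not claim LeRobot's
affected path uses pickle; that detail is not public.
"""
import io
import pickle
from collections import OrderedDict


class MaliciousPayload:
    """Object whose pickled form tells the loader to call eval("6*7").

    pickle stores __reduce__'s (callable, args) as GLOBAL + REDUCE opcodes;
    a plain Unpickler resolves builtins.eval by name and calls it.
    """

    def __reduce__(self):
        return (eval, ("6*7",))  # harmless stand-in for os.system(...)


def build_payload() -> bytes:
    """Constructed attacker-controlled bytes (not from any real exploit)."""
    return pickle.dumps(MaliciousPayload(), protocol=4)


def vulnerable_load(data: bytes):
    """What unsafe deserialization looks like: trust the bytes completely."""
    return pickle.loads(data)  # runs whatever global the payload names


# (module, qualname) pairs the application legitimately needs to reconstruct.
# Plain dicts/lists/floats never reach find_class, so this list stays tiny.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global outside ALLOWED_GLOBALS."""

    def find_class(self, module: str, name: str):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve {module}.{name} from untrusted pickle"
        )


def safe_load(data: bytes):
    """Hardened loader: same bytes, but no code-execution primitives reachable."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo() -> dict:
    """Run both loaders on the same inputs; returns outcomes for inspection."""
    payload = build_payload()
    # Constructed benign message shaped like robot state data.
    benign = pickle.dumps(OrderedDict(joint_positions=[0.1, -0.4, 1.2]), protocol=4)

    outcome = {"vulnerable": vulnerable_load(payload)}  # 42: eval actually ran
    try:
        safe_load(payload)
        outcome["restricted"] = "loaded"
    except pickle.UnpicklingError as exc:
        outcome["restricted"] = f"blocked: {exc}"
    outcome["benign_restricted"] = safe_load(benign)  # allowlisted type loads fine
    return outcome


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The allowlisting find_class override is the mitigation the pickle documentation itself recommends when the format cannot be avoided. For PyTorch checkpoints, torch.load(..., weights_only=True) or the safetensors format achieve the same end by never handing the loader an arbitrary callable to resolve.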
Mitigations & Recommendations
Until a patch is available, defenders should treat any internet-facing LeRobot instance as exploitable and check it for signs of compromise. Recommended mitigations include:
- Network isolation: Place LeRobot behind a firewall or VPN, restricting access to trusted IPs only.
- Disable the service: If LeRobot is not actively required for critical operations, disable it until a patch is released.
- Monitor for exploitation: on hosts running LeRobot, alert on child processes spawned by the LeRobot process (shells, curl, python -c), on outbound connections it does not normally make, and on new files written to directories it should only read.
- Apply the principle of least privilege: run LeRobot as a dedicated unprivileged user, ideally in a container or VM, with no access to credentials, robot hardware interfaces, or other hosts beyond what it needs, to limit the blast radius.
No vendor-supplied workaround has been published as of this writing.
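For the "Monitor for exploitation" item above, here is an added example (not from LeRobot or the disclosure) of one process-level control that needs no change to the application: a CPython audit hook (PEP 578, Python 3.8 and later) that records and blocks pickle.find_class resolutions into modules that hand out code execution. It assumes the vulnerable loader is pickle-based, which the disclosure does not confirm; SUSPICIOUS_MODULES, DETECTIONS, install_pickle_audit_hook, malicious_bytes, benign_bytes and try_load are names made up for this example, and the module list is a constructed starting point to tune against what the application really imports.

```python
"""Detect and block suspicious unpickling with a CPython audit hook.

Added example. The hook sees every Unpickler.find_class call as the
"pickle.find_class" audit event with args (module, name), before the
callable is resolved, so raising inside the hook aborts the load.
"""
import pickle
import sys

# Modules an attacker-controlled pickle would name to reach code execution.
# Constructed list; extend or trim it to match the application's real needs.
SUSPICIOUS_MODULES = frozenset({
    "builtins", "os", "posix", "nt", "subprocess", "sys", "shutil",
    "socket", "importlib", "ctypes", "pty", "code", "runpy", "webbrowser",
})

DETECTIONS = []  # in production: ship these to the log pipeline / EDR instead
_installed = False


def _audit_hook(event: str, args: tuple) -> None:
    if event != "pickle.find_class":
        return
    module, name = args
    if module.split(".")[0] in SUSPICIOUS_MODULES:
        DETECTIONS.append({"event": event, "module": module, "name": name})
        # Raising here propagates out of pickle.loads and stops the attack.
        raise RuntimeError(f"blocked unpickling of {module}.{name}")


def install_pickle_audit_hook() -> None:
    """Idempotent; audit hooks cannot be removed once added, so add it once."""
    global _installed
    if not _installed:
        sys.addaudithook(_audit_hook)
        _installed = True


class _Payload:
    """Constructed stand-in for an attacker's pickle; resolves builtins.eval."""

    def __reduce__(self):
        return (eval, ("6*7",))  # harmless; a real payload would spawn a shell


def malicious_bytes() -> bytes:
    return pickle.dumps(_Payload(), protocol=4)


def benign_bytes() -> bytes:
    # Plain containers and numbers need no find_class call at all.
    return pickle.dumps({"pose": [0.0, 1.0, -0.5], "gripper": 0.3}, protocol=4)


def try_load(data: bytes) -> str:
    """Returns 'loaded' or 'blocked: ...' so callers can assert on the outcome."""
    try:
        pickle.loads(data)
        return "loaded"
    except RuntimeError as exc:
        return f"blocked: {exc}"


if __name__ == "__main__":
    install_pickle_audit_hook()
    print(try_load(malicious_bytes()))  # blocked: builtins.eval
    print(try_load(benign_bytes()))     # loaded: no globals resolved
    print(DETECTIONS)
```

Install the hook as early as possible (a sitecustomize module or the process entry point) so it is in place before any network data is parsed; because hooks cannot be removed, an attacker who later gains execution cannot switch it off. It only covers pickle-style loaders, not yaml.load, marshal or custom formats, so host-level monitoring for unexpected child processes and connections, as listed above, is still needed alongside it.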
