cvefeed.io
Critical RCE Vulnerability Discovered in LLaMA-Factory WebUI
A critical remote code execution vulnerability, CVE-2026-58116, has been identified in LLaMA-Factory versions up to 0.9.5. The flaw allows attackers to execute arbitrary Python code by supplying a malicious model path in the WebUI Chat and Training interfaces. The vulnerability is due to unvalidated user input being passed to Hugging Face model-loading functions with trust_remote_code enabled. The CVSS 3.1 score is 9.8, indicating high severity. Recommended mitigations include updating LLaMA-Factory and restricting WebUI access. Public reports confirm the issue is remotely exploitable, raising concerns about widespread impact. No configuration option exists to disable the unsafe behavior, which increases exposure.
Key Points:
• CVE-2026-58116 allows RCE via malicious model paths in LLaMA-Factory WebUI.
• The vulnerability affects all versions up to 0.9.5 and has a CVSS score of 9.8.
• Mitigation includes updating the software and restricting access to the WebUI.
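The following is an added example, not LLaMA-Factory's code or its fix: one way a deployment could vet a user-supplied model path before it reaches a Hugging Face loader. The allowlist, the approved model root and all function names are assumptions; `auto_map` is the config key Transformers uses to locate repository-supplied classes.

```python
import json
import tempfile
from pathlib import Path

# Assumption: operator-maintained allowlist of vetted hub ids (constructed sample).
ALLOWED_HUB_IDS = {"example-org/vetted-model"}


def ships_custom_code(model_dir: Path) -> bool:
    """True if the directory carries Python that trust_remote_code would run."""
    if any(model_dir.rglob("*.py")):
        return True
    for name in ("config.json", "tokenizer_config.json"):
        cfg = model_dir / name
        if cfg.is_file():
            try:
                data = json.loads(cfg.read_text(encoding="utf-8"))
            except (OSError, ValueError):
                return True  # unreadable config: fail closed
            if isinstance(data, dict) and data.get("auto_map"):
                return True  # auto_map points the loader at repo-supplied classes
    return False


def vet_model_path(value: str, local_root: Path) -> tuple[bool, str]:
    """Decide whether a user-supplied model path may reach a model loader."""
    if value in ALLOWED_HUB_IDS:
        return True, "allowlisted hub id"
    candidate = Path(value)
    if not candidate.is_dir():
        return False, "not allowlisted and not a local directory"
    resolved = candidate.resolve()
    if not resolved.is_relative_to(local_root.resolve()):
        return False, "outside approved model root"
    if ships_custom_code(resolved):
        return False, "ships custom code (auto_map or .py files)"
    return True, "local directory without custom code"


def demo() -> dict:
    """Run the checks on constructed directories (sample data, not real models)."""
    with tempfile.TemporaryDirectory() as tmp:
        root, outside = Path(tmp) / "models", Path(tmp) / "elsewhere"
        plain, custom = root / "plain", root / "custom"
        for d in (plain, custom, outside):
            d.mkdir(parents=True)
        (plain / "config.json").write_text('{"model_type": "llama"}')
        (custom / "config.json").write_text('{"auto_map": {"AutoModel": "m.X"}}')
        inputs = ["example-org/vetted-model", "unknown/repo", str(plain), str(custom), str(outside)]
        return {Path(v).name: vet_model_path(v, root)[0] for v in inputs}
```

A check like this complements the update and WebUI access restriction recommended above and does not replace them.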