Huggingface Lerobot
2 CVEs affecting Huggingface Lerobot. Latest disclosed: 2026-04-23. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-25874 | Critical | 9.8 | 2026-04-23 | LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads() is used to deserialize data receive… |
CVE-2025-10772 | Medium | 6.3 | 2025-09-21 | A vulnerability was identified in huggingface LeRobot up to 0.3.3. Affected by this vulnerability is an unknown functionality of the file lerobot/common/robot_… |