Posts for: #Machine-Learning

6 CVEs and $750: Automating ReDoS Vulnerability Discovery with AI

2026-04-27

#hacking #huggingface #transformers #CVE #CVE-2025-3263 #CVE-2025-3264 #CVE-2025-3933 #CVE-2025-5197 #CVE-2025-6051 #CVE-2025-6638 #machine-learning #RegEx #DoS #ReDoS #bug-bounty #huntr

How I used ChatGPT to build a ReDoS vulnerability scanner in just an hour, found 6 vulnerabilities in HuggingFace’s Transformers, got paid $750, and earned 6 CVEs.

[Read more]

TensorFlow CVE-2021-37678 – YAML Deserialization RCE

2025-12-03

#hacking #google #tensorflow #keras #CVE #CVE-2021-37678 #machine-learning #RCE #Deserialization

A look into how I discovered an RCE in TensorFlow/Keras caused by unsafe YAML deserialization, how it worked, and what I learned from it.

[Read more]