CVE-2026-25874 – Hugging Face LeRobot

CVSS 9.3 CRITICAL

“A critical flaw in LeRobot turns AI workflows into a high-risk execution path.”

This patch addresses CVE-2026-25874 in Hugging Face LeRobot. The vulnerability is a severe security gap in an AI and robotics framework, potentially allowing attackers to manipulate execution flows or compromise connected systems. Its CVSS score is 9.3 (Critical severity), indicating a high likelihood of major impact if exploited.

Proof-of-concept code is available, confirming that exploitation is feasible and accessible. This raises immediate concern for environments using LeRobot in automated or integrated pipelines. The patch eliminates this exposure and strengthens the security of AI-driven operations.

Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.