Critical Vulnerability in LeRobot (Hugging Face): Unauthenticated RCE via pickle

Colleagues, a security alert: a critical vulnerability in LeRobot (Hugging Face) has been disclosed — CVE-2026-25874 (CVSS 9.3).
Key points:
- In async inference (PolicyServer and the robot client), an unsafe pickle.loads() call deserializes data received over gRPC that is unauthenticated and not protected by TLS.
- An attacker can deliver a crafted payload via SendPolicyInstructions / SendObservations / GetActions to achieve RCE.
- Confirmed on LeRobot 0.4.3; fix planned for 0.6.0.
Why this matters: inference services often run with elevated privileges — risks include key exfiltration, host compromise and threats to physical safety.
What immediate steps would you take right now?
#cybersecurity #vulnerabilities #OpenSource #AI
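One stop-gap for the pickle.loads() issue described above, as an added example (not LeRobot's code and not the planned fix): statically inspect the pickle opcodes, and deserialize with an unpickler that refuses every global lookup. It assumes messages are plain Python containers and scalars; payloads carrying tensors or arrays would be rejected, and the names `risky_opcodes`, `DataOnlyUnpickler` and `safe_loads` are hypothetical.

```python
import io
import pickle
import pickletools

# Opcodes that import or construct objects; plain containers and scalars never need them.
CODE_OPCODES = {"GLOBAL", "STACK_GLOBAL", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX",
                "REDUCE", "BUILD", "EXT1", "EXT2", "EXT4"}


def risky_opcodes(blob: bytes) -> set:
    """Statically list code-capable opcodes in a pickle stream without loading it."""
    try:
        return {op.name for op, _arg, _pos in pickletools.genops(blob)} & CODE_OPCODES
    except Exception:
        # Unknown opcode or truncated stream: treat as hostile.
        return {"MALFORMED"}


class DataOnlyUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global lookup, so no class or function resolves."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def safe_loads(blob: bytes):
    """Deserialize built-in data types only; raise UnpicklingError on anything else."""
    return DataOnlyUnpickler(io.BytesIO(blob)).load()


# Constructed samples (not captured traffic).
OBSERVATION = pickle.dumps({"joint_pos": [0.1, 0.2, 0.3], "t": 12})
GLOBAL_REF = pickle.dumps(len)  # benign stream that references the global builtins.len

if __name__ == "__main__":
    for label, blob in (("observation", OBSERVATION), ("global ref", GLOBAL_REF)):
        flagged = sorted(risky_opcodes(blob))
        try:
            safe_loads(blob)
            verdict = "accepted"
        except pickle.UnpicklingError as exc:
            verdict = f"rejected ({exc})"
        print(f"{label}: opcodes={flagged} -> {verdict}")
```

This narrows what a peer can make the process do; it does not replace authenticating the gRPC channel and enabling TLS.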

