Just in:
Iran widens energy threat as Hormuz battle escalates // Louis Vuitton Celebrates 130 Years of the Monogram // Revolut clears first hurdle for Dubai crypto launch // Enshi Suobuya Stone Forest in China Launches Rich Cultural Experiences to Welcome Southeast Asian Tourists // CyCraft Named a Sample Provider in the Gartner® Latest AI Reasoning Models Report—The Only Taiwan-Based Cybersecurity Provider Listed // Guardian Fire expands Midwest reach with Nebraska deal // Fynd brings AI fashion platform to Gulf // TrendAI™ Named a Champion for the Fourth Consecutive Year in Omdia’s Global Cybersecurity Platform Ecosystems Leadership Matrix 2026 // “Achievements of National Aerospace Endeavours” Thematic Exhibition Makes First Stop at Hong Kong Science Park // DITP Launches THAI SELECT Festival 2026 in New York to Strengthen U.S. Market Opportunities for Thailand’s Food Industry // Launch ceremony of third edition of Hong Kong Fashion Fest Held on July 9 // BlackRock Bitcoin fund assets approach $48 billion // EU prosecutors examine subsidies linked to Babiš // UK sets overnight social media curfew for teens // Paymentology and T2P partner to accelerate the future of card issuing in Thailand // Central & Western District Youth-to-Career Explo Connects Hong Kong Youth to Future Careers in AI Era // Trump scraps Hormuz levy but tightens Iran blockade // Dubai weighs turning organic waste into aviation fuel // Rival cyber spies penetrate Pakistan police networks // Dubai-Botswana pact opens new commodity trade corridor //

Merlin’s Weak Link: NVIDIA AI Library Vulnerability Exposes Root RCE Risk

A critical security flaw in NVIDIA’s Merlin Transformers4Rec framework allows threat actors to execute code remotely with root-level access, raising alarm across the AI ecosystem. The vulnerability, tracked as CVE-2025-23298, stems from unsafe deserialization in the model checkpoint loading routine.

Attackers exploiting this flaw can submit crafted model files that, when deserialized via Python’s built-in mechanisms, trigger arbitrary command execution within the process’s context. Given that AI infrastructure often runs with escalated privileges in production, the outcome may extend far beyond a single model compromise.

NVIDIA confirmed that the patch is available in commit b7eaea5, which introduces stricter validation of serialized objects and limits the classes allowed during deserialization. The official security advisory lists affected versions of Transformers4Rec as “all versions not including commit b7eaea5”.

ADVERTISEMENT

Merlin’s Transformers4Rec is widely used in recommendation systems, especially in e-commerce and media platforms. It integrates with Hugging Face Transformers and pipelines leveraging PyTorch and Triton Inference Server, making it a critical link in many organisations’ AI stacks.

Trend Micro’s ZDI Threat Hunting Team flagged the issue during audits of AI frameworks, confirming that unsafe use of pickle underlies the flaw. In particular, the vulnerable function loadmodeltrainerstatesfrom_checkpoint called torch. load() without restrictions—effectively allowing a malicious serialized payload to execute system commands when loaded.

The severity of CVE-2025-23298 is rated high, with a CVSS 3.1 score of 7.8, reflecting the danger of confidentiality, integrity, and availability loss. Attack complexity is low, and no user interaction is required, though local access with low privileges is needed.

Security firms caution that the flaw is symptomatic of a broader problem in AI development: reliance on serialization tools that permit code execution if misused. The continued use of pickle in model persistence workflows is a major risk vector in machine learning supply chains.

Mitigation steps include upgrading to patched versions that enforce class-based white-listing for deserialized objects, using weights_only=True where possible, sandboxing model loading, and validating the origin of model artifacts. Organisations are urged to restrict systems’ file access and monitor for anomalous execution activity.

Beyond the immediate patching, the industry is facing mounting pressure to adopt safer serialization formats like Safetensors or ONNX, combined with cryptographic signing of model files and hardened deployment architectures. Experts argue that machine learning security must shift from reactive patching to proactive, framework-level safeguards.

Several other NVIDIA frameworks have also been implicated in code injection vulnerabilities, including WebDataset, Apex, Isaac-GR00T, Megatron-LM, and NeMo. The company’s broader August security bulletin addresses these in tandem, reflecting a coordinated response across its AI software portfolio.



Notice an issue?

Arabian Post strives to deliver the most accurate and reliable information to its readers. If you believe you have identified an error or inconsistency in this article, please don't hesitate to contact our editorial team at editor[at]thearabianpost[dot]com. We are committed to promptly addressing any concerns and ensuring the highest level of journalistic integrity.


ADVERTISEMENT
Social Media Auto Publish Powered By : XYZScripts.com
Just in:
Fynd brings AI fashion platform to Gulf // “Achievements of National Aerospace Endeavours” Thematic Exhibition Makes First Stop at Hong Kong Science Park // Rival cyber spies penetrate Pakistan police networks // Dubai weighs turning organic waste into aviation fuel // Louis Vuitton Celebrates 130 Years of the Monogram // Launch ceremony of third edition of Hong Kong Fashion Fest Held on July 9 // Dubai-Botswana pact opens new commodity trade corridor // BlackRock Bitcoin fund assets approach $48 billion // Revolut clears first hurdle for Dubai crypto launch // Central & Western District Youth-to-Career Explo Connects Hong Kong Youth to Future Careers in AI Era // De Beers halts Venetia output amid diamond slump // Iran widens energy threat as Hormuz battle escalates // TrendAI™ Named a Champion for the Fourth Consecutive Year in Omdia’s Global Cybersecurity Platform Ecosystems Leadership Matrix 2026 // Enshi Suobuya Stone Forest in China Launches Rich Cultural Experiences to Welcome Southeast Asian Tourists // CyCraft Named a Sample Provider in the Gartner® Latest AI Reasoning Models Report—The Only Taiwan-Based Cybersecurity Provider Listed // A SIM Guide to Comparing Graduate Salaries and Employability in Singapore // Inflation In India Rising Sharply Since January 2026, Highest In June // Paymentology and T2P partner to accelerate the future of card issuing in Thailand // UK sets overnight social media curfew for teens // EU prosecutors examine subsidies linked to Babiš //