PyPI: transformers
CVE-2025-6638
Safety vulnerability ID: SFTY-20250912-74260
Safety legacy ID: pyup.io-79596
Overview
Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer
Advisory
Affected versions of the transformers package are vulnerable to Regular Expression Denial of Service (ReDoS) due to an inefficient regular expression in the MarianTokenizer.remove_language_code() method. The method compiles a language-code pattern and applies language_code_re.match() and language_code_re.sub() to the untrusted input text (to find and strip markers of the form ">>...<<"), so crafted input triggers catastrophic backtracking: the regex engine's work grows superlinearly with the length of attacker-controlled text and CPU utilization climbs accordingly. Because the method runs on every string the tokenizer is given, an attacker can submit specially formed strings to any service that tokenizes text with MarianTokenizer, without authentication, to slow the process dramatically and potentially cause a denial of service.
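The following is an added example, not code from the transformers project or from this advisory. It reproduces the shape of the problem the advisory describes (a match() plus sub() over untrusted text with a ">>...<<" pattern) next to a hardened pattern and a service-side length guard. The vulnerable pattern ">>.+?<<" is how I recall the pre-fix language_code_re and should be treated as an assumption; the hardened pattern, the 10,000-character limit and the helper names are this example's own, not the upstream fix.

```python
from __future__ import annotations

import re
import time

# Added example, not the transformers project's code. The "vulnerable"
# pattern is how I recall MarianTokenizer's pre-fix language_code_re and is
# an assumption here; the hardened pattern and the size limit are mine, not
# the upstream fix.
VULNERABLE_RE = re.compile(r">>.+?<<")

# A language code contains neither '<' nor '>' and is short, so a negated
# character class plus an upper bound stops the engine scanning past the
# closer and caps the work done from any one '>>' at a constant.
HARDENED_RE = re.compile(r">>[^<>]{1,32}<<")

MAX_INPUT_CHARS = 10_000  # assumed service-side limit for this demo


def remove_language_code(text: str, pattern: re.Pattern[str] = HARDENED_RE) -> tuple[list[str], str]:
    """Same shape as the method the advisory names: match() captures a
    leading marker such as '>>fr<<', sub() strips every marker from text."""
    m = pattern.match(text)
    code = [m.group(0)] if m else []
    return code, pattern.sub("", text)


def guarded_remove_language_code(text: str, max_chars: int = MAX_INPUT_CHARS) -> tuple[list[str], str]:
    """Service-side wrapper: bound attacker-controlled length before any
    regular expression sees the text."""
    if len(text) > max_chars:
        raise ValueError(f"input of {len(text)} characters exceeds limit {max_chars}")
    return remove_language_code(text, HARDENED_RE)


def crafted_input(n: int) -> str:
    """Constructed payload: n '>>' openers and no '<<' closer. With the lazy
    '.+?' every opener makes the engine walk to the end of the string, so
    sub() costs O(n^2); the hardened class fails on the next '>' at once."""
    return ">>" * n


def time_sub(pattern: re.Pattern[str], text: str) -> float:
    """Wall-clock seconds for one pattern.sub() over text."""
    start = time.perf_counter()
    pattern.sub("", text)
    return time.perf_counter() - start


if __name__ == "__main__":
    # Benign input: both patterns agree on the captured code and the residue.
    print(remove_language_code(">>fr<< Bonjour tout le monde", VULNERABLE_RE))
    print(remove_language_code(">>fr<< Bonjour tout le monde"))
    # Crafted input: doubling n roughly quadruples the vulnerable time.
    for n in (1000, 2000, 4000):
        payload = crafted_input(n)
        print(f"n={n:5d} vulnerable={time_sub(VULNERABLE_RE, payload):.4f}s "
              f"hardened={time_sub(HARDENED_RE, payload):.6f}s")
    # Oversize input never reaches a regex at all.
    try:
        guarded_remove_language_code(crafted_input(MAX_INPUT_CHARS))
    except ValueError as exc:
        print("rejected:", exc)
```

Running the script shows the vulnerable timing growing roughly with the square of the payload length while the hardened pattern stays flat; the length guard is the cheap control a service can deploy in front of any tokenizer while an upgrade is scheduled.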
How to Fix
Upgrade to a transformers release that includes the upstream commits listed under References.
Mitigation and Workarounds
Until you can upgrade, cap the length of text accepted from unauthenticated callers before it reaches the tokenizer, and run tokenization under a per-request wall-clock or CPU timeout so a single crafted input cannot monopolize a worker. Legitimate language-code markers are short and have the form ">>xx<<", so input can be validated against that shape before tokenization.
---
Vulnerable Functions
Functions linked to known vulnerabilities.
- MarianTokenizer.remove_language_code()
References
- https://getsafety.com/vulnerabilities/SFTY-20250912-74260/CVE-2025-6638
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6638
- https://github.com/advisories/GHSA-59p9-h35m-wg4g
- https://nvd.nist.gov/vuln/detail/CVE-2025-6638
- https://github.com/huggingface/transformers/commit/47c34fba5c303576560cb29767efb452ff12b8be
- https://huntr.com/bounties/6a6c933f-9ce8-4ded-8b3b-2c1444c61f36
- https://github.com/huggingface/transformers/commit/d37f7517972f67e3f2194c000ed0f87f064e5099
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
