Business CircleBusiness Circle
  • Home
  • AI News
  • Startups
  • Markets
  • Finances
  • Technology
  • More
    • Human Resource
    • Marketing & Sales
    • SMEs
    • Lifestyle
    • Trading & Stock Market
What's Hot

Comstock Resources Drops 5.9% Amid Sector-Wide Selling

July 13, 2026

27 Football Party Foods That Actually Empty Off The Table

July 13, 2026

ChatGPT is $20/month. Get GPT, Claude, and Gemini for a full year for $30.

July 12, 2026
Facebook Twitter Instagram
Monday, July 13
  • Advertise with us
  • Submit Articles
  • About us
  • Contact us
Business CircleBusiness Circle
  • Home
  • AI News
  • Startups
  • Markets
  • Finances
  • Technology
  • More
    • Human Resource
    • Marketing & Sales
    • SMEs
    • Lifestyle
    • Trading & Stock Market
Subscribe
Business CircleBusiness Circle
Home » Python libraries used in top AI and ML tools hacked – Nvidia, Salesforce and other libraries all at risk
Technology

Python libraries used in top AI and ML tools hacked – Nvidia, Salesforce and other libraries all at risk

Business Circle TeamBy Business Circle TeamJanuary 14, 2026Updated:January 14, 2026No Comments3 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Python libraries used in top AI and ML tools hacked – Nvidia, Salesforce and other libraries all at risk
Share
Facebook Twitter LinkedIn Pinterest Email



  • Palo Alto discovered essential flaws in AI/ML libraries NeMo, Uni2TS, and FlexTok
  • Vulnerabilities allowed arbitrary code execution by way of malicious mannequin metadata
  • All patched by mid-2025; no exploitation noticed as of December 2025

Safety researchers from Palo Alto Networks have found vulnerabilities utilized in some high Synthetic Intelligence (AI) and machine Studying (ML) instruments which, if abused, may enable risk actors to execute malicious code on course endpoints, remotely.

In a safety advisory, the researchers mentioned that round April 2025, they found bugs in three open supply Python libraries revealed by Apple, Salesforce, and NVIDIA, on their GitHub repositories.

The libraries are known as NeMo, Uni2TS, and FlexTok. NeMo is a PyTorch-based framework for analysis, Uni2TS a PyTorch library for analysis utilized by Salesforce’s Morai, and FlexTok is a Python-based framework for analysis, enabling AL and ML fashions to course of photos. Cumulatively, they’ve greater than 10 million downloads on HuggingFace (a platform that hosts open-source AI fashions and different instruments).


Chances are you’ll like

Bugs fastened

“The vulnerabilities stem from libraries utilizing metadata to configure advanced fashions and pipelines, the place a shared third-party library instantiates courses utilizing this metadata,” Palo Alto defined in its advisory.

“Susceptible variations of those libraries merely execute the supplied information as code. This permits an attacker to embed arbitrary code in mannequin metadata, which might routinely execute when weak libraries load these modified fashions.”

All three builders have been notified in April 2025, and by the top of July, all have been fastened. NVIDIA issued CVE-2025-23304 and gave it a excessive severity ranking (7.8/10) and launched a repair in NeMo 2.3.2. FlexTok up to date its code in June 2025, whereas Salesforce issued CVE-2026-22584, gave it a essential ranking (9.8/10), and stuck it in July 2025.

Palo Alto says that as of December 2025, there isn’t any proof that these vulnerabilities are being abused within the wild. The entire bugs have been found by the corporate’s Prisma AIRS instrument.

Signal as much as the TechRadar Professional e-newsletter to get all the highest information, opinion, options and steerage your small business must succeed!


Best antivirus software header

One of the best antivirus for all budgets

Our high picks, based mostly on real-world testing and comparisons

Comply with TechRadar on Google Information and add us as a most well-liked supply to get our skilled information, critiques, and opinion in your feeds. Be sure that to click on the Comply with button!

And naturally you may as well comply with TechRadar on TikTok for information, critiques, unboxings in video type, and get common updates from us on WhatsApp too.





Source link

Hacked Libraries NVIDIA Python risk Salesforce Tools top
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Business Circle Team
Business Circle Team
  • Website

Related Posts

ChatGPT is $20/month. Get GPT, Claude, and Gemini for a full year for $30.

July 12, 2026

Top analysts are confident about these 3 stocks for the long haul

July 12, 2026

I used the Razr Fold and Pixel 10 Pro Fold. Only one keeps winning me over

July 12, 2026

After years of teasing, the viral Nopia synth is ‘basically finished’

July 12, 2026
LATEST UPDATES

Comstock Resources Drops 5.9% Amid Sector-Wide Selling

July 13, 2026

27 Football Party Foods That Actually Empty Off The Table

July 13, 2026

ChatGPT is $20/month. Get GPT, Claude, and Gemini for a full year for $30.

July 12, 2026

Johnson & Johnson Travel Ready First Aid Kit 80-Piece only $6.04 shipped (Reg. $14+)

July 12, 2026

B2B Reads: AI Overload, Sales Compensation, and Lead Gen Timing

July 12, 2026

MVP Development on a Founder Budget: What to Cut and What to Keep

July 12, 2026

Subscribe to Updates

Get the latest sports news from SportsSite about soccer, football and tennis.

Business, Finance and Market Growth News Site

Important Pages
  • Advertise with us
  • Submit Articles
  • About us
  • Contact us
Recent Posts
  • Comstock Resources Drops 5.9% Amid Sector-Wide Selling
  • 27 Football Party Foods That Actually Empty Off The Table
  • ChatGPT is $20/month. Get GPT, Claude, and Gemini for a full year for $30.
© 2026 BusinessCircle.co
  • Privacy Policy
  • Terms and Conditions
  • Cookie Privacy Policy
  • Disclaimer
  • DMCA

Type above and press Enter to search. Press Esc to cancel.