A critical vulnerability in NVIDIA’s Merlin Transformers4Rec library allows attackers to achieve remote code execution with root privileges.
Discovered by the Trend Micro Zero Day Initiative (ZDI) Threat Hunting Team, the flaw stems from unsafe deserialization in the model checkpoint loading functionality.
Tracked as CVE-2025-23298, this vulnerability underscores the persistent security challenges in machine learning frameworks that rely on Python’s pickle serialization.
https://gbhackers.com/nvidia-merlin-fla ... execution/