# Dill .dill RCE PoC - importlib.import_module + operator.methodcaller ModelScan Bypass

## Vulnerability

A malicious `.dill` file achieves remote code execution (RCE) when it is deserialized: a `.dill` file is a pickle stream, and this one resolves `importlib.import_module` and `operator.methodcaller` during unpickling. Neither name is on ModelScan's `unsafe_globals` blocklist, so the file passes the scan and the payload runs on load.
## Reproduction

```python
import dill

with open("model.dill", "rb") as f:
    model = dill.load(f)  # RCE occurs here
```

Check `/tmp/dill_rce_proof` for execution evidence.
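The defensive counterpart to the reproduction above, added here as an example and not part of this card's PoC: a `.dill` file is an ordinary pickle opcode stream, so a loader can (1) statically list every global the stream would resolve before executing anything, and (2) unpickle only through an allowlist of globals instead of a blocklist. A blocklist such as ModelScan's `unsafe_globals` has to name every dangerous callable and misses the ones it does not list, which is exactly the gap this card exploits; an allowlist admits only what the model format needs. The `SAFE_GLOBALS` entries are hypothetical, and the sample streams are constructed inline: two benign `OrderedDict` pickles and a stream that only references `importlib.import_module` without calling it (stock `pickle.loads` would merely return the function object; the point is that both the scan and the allowlist flag it).

```python
import collections
import io
import pickle
import pickletools

# Hypothetical allowlist of (module, name) globals this loader will resolve.
# Anything not listed is refused before it is ever imported.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
}


class AllowlistUnpickler(pickle.Unpickler):
    """Unpickler that refuses any global outside SAFE_GLOBALS.

    dill.Unpickler subclasses pickle.Unpickler, so the same find_class
    override applies to .dill files loaded through dill.
    """

    def find_class(self, module, name):
        if (module, name) not in SAFE_GLOBALS:
            raise pickle.UnpicklingError(f"refused global {module}.{name}")
        return super().find_class(module, name)


def referenced_globals(data):
    """Static scan: every (module, name) the stream would resolve, without executing it.

    Handles GLOBAL (protocols 0-3, operand is "module name") and STACK_GLOBAL
    (protocol 4+, operands are the two most recently pushed strings in streams
    written by pickle.dumps). Only string pushes are tracked, which is enough
    for pickler-produced streams; a hand-built stream that routes the operands
    through memo lookups would need a fuller stack model.
    """
    found, strings = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name in ("UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"):
            strings.append(arg)
        elif op.name == "STACK_GLOBAL":
            if len(strings) >= 2:
                name, module = strings.pop(), strings.pop()
            else:  # malformed or unusual stream: report, do not guess
                name, module = "<unresolved>", "<unresolved>"
            found.append((module, name))
    return found


def inspect_and_load(data):
    """Scan first, then load only through the allowlist; never call pickle/dill.load directly."""
    result = {"globals": referenced_globals(data), "loaded": False, "value": None, "error": None}
    try:
        result["value"] = AllowlistUnpickler(io.BytesIO(data)).load()
        result["loaded"] = True
    except pickle.UnpicklingError as exc:
        result["error"] = str(exc)
    return result


# Constructed samples (not the PoC file from this card).
BENIGN_P2 = pickle.dumps(collections.OrderedDict(a=1), protocol=2)   # uses GLOBAL
BENIGN_P4 = pickle.dumps(collections.OrderedDict(a=1), protocol=4)   # uses STACK_GLOBAL
# A stream that only pushes a reference to importlib.import_module and stops; it calls
# nothing, so it is harmless, but a scanner and an allowlist loader must both reject it.
SUSPICIOUS = b"cimportlib\nimport_module\n."

if __name__ == "__main__":
    for label, blob in [("benign p2", BENIGN_P2), ("benign p4", BENIGN_P4), ("suspicious", SUSPICIOUS)]:
        print(label, inspect_and_load(blob))
```

Run the scan over the actual `.dill` artifact before any `dill.load` call, and treat any `(module, name)` outside the allowlist as a reason to quarantine the file rather than as a warning to log.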