Hugging Face's logo

elliottower2
/
nemo-unsafe-load-poc

Model card Files
xet
 Community

YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

NeMo Unsafe torch.load PoC

15+ core code locations call torch.load() without weights_only=True. modelPT.py:1414, adapter_mixins.py:964, dataset.py (12 instances). Enables pickle-based RCE from crafted .ckpt files.

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support