CRITICAL
Hugging Face
CVE published 2026-04-23
CVE-2026-25874
LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads() is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. This vulnerability allows an unauthenticated network-reachable attacker to achieve arbitrary code execution on the server or client by sending a craft [truncated]