CVE-2026-6859
HIGHDescription
A flaw was found in InstructLab. The `linux_train.py` script hardcodes `trust_remote_code=True` when loading models from HuggingFace. This allows a remote attacker to achieve arbitrary Python code execution by convincing a user to run `ilab train/download/generate` with a specially crafted malicious model from the HuggingFace Hub. This vulnerability can lead to complete system compromise.
Is your site exposed to CVE-2026-6859?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| redhat | instructlab |
| redhat | enterprise_linux_ai |
References
Frequently Asked Questions
What is CVE-2026-6859? +
How severe is CVE-2026-6859? +
What products are affected by CVE-2026-6859? +
How do I check if I'm vulnerable to CVE-2026-6859? +
Related Vulnerabilities
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution …
An authenticated remote code execution vulnerability exists in Lucee’s administrative interface due to insecure design in the scheduled task functionality. …
pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules …
A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input …
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as those …
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows a user to gain SYSTEM level control …