Hugging Face's logo

WolfpackArmy
/
pickle-rce-poc

Model card Files
xet
 Community

YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

Pickle Model File ACE PoC

Vulnerability

Arbitrary Code Execution via pickle.load() deserialization (CWE-502)

Files

  • poc_evil.pkl โ€” Malicious .pkl, executes code on pickle.load()
  • poc_stealth.pkl โ€” Stealth variant disguised as an sklearn model
  • benign.pkl โ€” Clean pickle file for comparison

Reproduce 

import pickle
# WARNING: Executes arbitrary code
with open('poc_evil.pkl', 'rb') as f:
    obj = pickle.load(f)
Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐Ÿ™‹ Ask for provider support