MessagePack msgspec Decoder untyped trigger PoC

This repository contains a benign security research proof of concept for a MessagePack model-file vulnerability report.

Files:

  • control.msgpack
  • decoder_trigger.msgpack
  • reproduce.py

The malicious MessagePack file is loaded with msgspec.msgpack.Decoder().decode(...). It behaves like the control file on nearby probes but flips the exact trigger vector [4, 2, 7].

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support