CLIP PyTorch RCE PoC
Malicious PyTorch model file that demonstrates RCE via torch.load() in CLIP.
Vulnerability: Insecure deserialization in clip/clip.py:136
state_dict = torch.load(opened_file, map_location="cpu")
torch.load() uses pickle under the hood, allowing arbitrary code execution when loading a malicious model.
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support