// ADVISORIES

Public model advisories

Each Monday morning we scan the top 50 most-downloaded text-generation models on Hugging Face for malicious pickle code, restrictive licensing, and other supply-chain risks. Findings here are surfaced as advisories, not as accusations. Every finding links to the source so you can verify.


5 models flagged · last scanned 5/25/2026

openai-community/gpt2

Security: CRITICAL | Legal: None | Format: PyTorch/Pickle

Risk: CRITICAL (Legacy Binary) | Framework: PyTorch | Legal: UNKNOWN | License: Unknown

First detected: 5/3/2026 | View on HF

facebook/opt-125m

Security: MEDIUM | Legal: None | Format: PyTorch/Pickle

Risk: MEDIUM (Pickle Present) | Framework: PyTorch | Legal: UNKNOWN | License: Unknown

First detected: 5/3/2026 | View on HF

distilbert/distilgpt2

Security: CRITICAL | Legal: None | Format: PyTorch/Pickle

Risk: CRITICAL (Legacy Binary) | Framework: PyTorch | Legal: UNKNOWN | License: Unknown

First detected: 5/3/2026 | View on HF

mistralai/Mistral-7B-Instruct-v0.2

Security: MEDIUM | Legal: None | Format: PyTorch/Pickle

Risk: MEDIUM (Pickle Present) | Framework: PyTorch | Legal: UNKNOWN | License: Unknown

First detected: 5/3/2026 | View on HF

EleutherAI/pythia-160m

Security: MEDIUM | Legal: None | Format: PyTorch/Pickle

Risk: MEDIUM (Pickle Present) | Framework: PyTorch | Legal: UNKNOWN | License: Unknown

First detected: 5/3/2026 | View on HF

Recent Activity

AISBOM does not coordinate with model authors before publishing advisories. We rely entirely on what our scanner observes when fetching the model's metadata over HTTP. Findings represent the state of the model at the time of the most recent scan and may not reflect updates published after that time.

If you are the maintainer of a flagged model and believe the finding is incorrect, please open an issue at Lab700xOrg/aisbom or email advisories@aisbom.io. We will rescan and update the advisory promptly.

Findings are not legal advice. Severity ratings reflect AISBOM's heuristic assessment, not a formal CVE.