CVE-2025-3677
Published
CVSS v3
5.3
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function split_files/apply_delta_low_cpu_mem of the file fastchat/model/apply_delta.py. The manipulation leads to deserialization. An attack has to be approached locally.
An open platform for training, serving, and evaluating large language models. Release repo for Vicuna and Chatbot Arena.
GitHub