Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Serious AI bugs, specifically remote code execution flaws, have been discovered in inference engines from Meta, Nvidia, and Microsoft, stemming from unsafe code reuse of ZeroMQ and Python’s pickle deserialization. These vulnerabilities, dubbed ShadowMQ, could allow attackers to execute arbitrary code, steal models, or deploy malicious payloads.