Critical AI Python Package Flaw Exposes Systems to Severe Risks

A critical flaw, CVE-2024-34359, dubbed "Llama Drama," has been discovered in the AI Python package llama_cpp_python. This vulnerability, related to the Jinja2 template rendering tool, allows arbitrary code execution, putting systems and data at risk. The issue affects over 6,000 AI models on platforms like Hugging Face. The vulnerability has been patched in the latest release.

Read more about this security threat on SecurityWeek here.