Details

A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_nougat_fast.py. The vulnerability occurs in the post_process_single() function, where a regular expression processes specially crafted input. The issue stems from the regex exhibiting exponential time complexity under certain conditions, leading to excessive backtracking. This can result in significantly high CPU usage and potential application downtime, effectively creating a Denial of Service (DoS) scenario. The affected version is v4.46.3.

Severity

• CVSS Score: 5.3 / 10 (Medium)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-12720
• https://github.com/huggingface/transformers/commit/deac971c469bcbb182c2e52da0b82fb3bf54cccf
• https://github.com/huggingface/transformers
• https://huntr.com/bounties/4bed1214-7835-4252-a853-22bbad891f98

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.

Severity

• CVSS Score: 7.5 / 10 (High)
• Vector String: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-11392
• https://github.com/huggingface/transformers/issues/34840
• https://github.com/huggingface/transformers/pull/35296
• https://github.com/huggingface/transformers
• https://github.com/pypa/advisory-database/tree/main/vulns/transformers/PYSEC-2024-227.yaml
• https://www.zerodayinitiative.com/advisories/ZDI-24-1513

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.

Severity

• CVSS Score: 8.8 / 10 (High)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

• https://www.zerodayinitiative.com/advisories/ZDI-24-1514/

This data is provided by OSV and the PyPI Advisory Database (CC-BY 4.0).

Details

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.

Severity

• CVSS Score: 8.8 / 10 (High)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

• https://www.zerodayinitiative.com/advisories/ZDI-24-1515/

This data is provided by OSV and the PyPI Advisory Database (CC-BY 4.0).

Details

Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.

Severity

• CVSS Score: 8.8 / 10 (High)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

• https://www.zerodayinitiative.com/advisories/ZDI-24-1513/

This data is provided by OSV and the PyPI Advisory Database (CC-BY 4.0).

Details

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.

Severity

• CVSS Score: 8.8 / 10 (High)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-11394
• https://github.com/huggingface/transformers/issues/34840
• https://github.com/huggingface/transformers/pull/35296
• https://github.com/huggingface/transformers
• https://github.com/pypa/advisory-database/tree/main/vulns/transformers/PYSEC-2024-229.yaml
• https://www.zerodayinitiative.com/advisories/ZDI-24-1515

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.

Severity

• CVSS Score: 8.8 / 10 (High)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-11393
• https://github.com/huggingface/transformers/issues/34840
• https://github.com/huggingface/transformers/pull/35296
• https://github.com/huggingface/transformers
• https://github.com/pypa/advisory-database/tree/main/vulns/transformers/PYSEC-2024-228.yaml
• https://www.zerodayinitiative.com/advisories/ZDI-24-1514

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

A vulnerability in the preprocess_string() function of the transformers.testing_utils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.

Severity

• CVSS Score: 7.5 / 10 (High)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

• https://huntr.com/bounties/97b780f3-ffca-424f-ad5d-0e1c57a5bde4
• https://github.com/huggingface/transformers/commit/8cb522b4190bd556ce51be04942720650b1a3e57

This data is provided by OSV and the PyPI Advisory Database (CC-BY 4.0).

Details

A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_gpt_neox_japanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions process specially crafted inputs. The issue stems from a regex exhibiting exponential complexity under certain conditions, leading to excessive backtracking. This can result in high CPU usage and potential application downtime, effectively creating a Denial of Service (DoS) scenario. The affected version is v4.48.1 (latest).

Severity

• CVSS Score: 4.3 / 10 (Medium)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-1194
• https://github.com/huggingface/transformers/commit/92c5ca9dd70de3ade2af2eb835c96215cc50e815
• https://github.com/huggingface/transformers
• https://huntr.com/bounties/86f58dcd-683f-4adc-a735-849f51e9abb2

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

A Regular Expression Denial of Service (ReDoS) exists in the preprocess_string() function of the transformers.testing_utils module. In versions before 4.50.0, the regex used to process code blocks in docstrings contains nested quantifiers that can trigger catastrophic backtracking when given inputs with many newline characters. An attacker who can supply such input to preprocess_string() (or code paths that call it) can force excessive CPU usage and degrade availability.

Fix: released in 4.50.0, which rewrites the regex to avoid the inefficient pattern. ([GitHub][1])

• Affected: < 4.50.0
• Patched: 4.50.0

Severity

• CVSS Score: 5.3 / 10 (Medium)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-2099
• https://github.com/huggingface/transformers/pull/36648
• https://github.com/huggingface/transformers/commit/8cb522b4190bd556ce51be04942720650b1a3e57
• https://github.com/huggingface/transformers
• https://github.com/pypa/advisory-database/tree/main/vulns/transformers/PYSEC-2025-40.yaml
• https://huntr.com/bounties/97b780f3-ffca-424f-ad5d-0e1c57a5bde4

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the get_configuration_file() function within the transformers.configuration_utils module. The affected version is 4.49.0, and the issue is resolved in version 4.51.0. The vulnerability arises from the use of a regular expression pattern config\.(.*)\.json that can be exploited to cause excessive CPU consumption through crafted input strings, leading to catastrophic backtracking. This can result in model serving disruption, resource exhaustion, and increased latency in applications using the library.

Severity

• CVSS Score: 5.3 / 10 (Medium)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-3263
• https://github.com/huggingface/transformers/commit/0720e206c6ba28887e4d60ef60a6a089f6c1cc76
• https://github.com/huggingface/transformers/commit/126abe3461762e5fc180e7e614391d1b4ab051ca
• https://github.com/huggingface/transformers
• https://huntr.com/bounties/c7a69150-54f8-4e81-8094-791e7a2a0f29

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the get_imports() function within dynamic_module_utils.py. This vulnerability affects versions 4.49.0 and is fixed in version 4.51.0. The issue arises from a regular expression pattern \s*try\s*:.*?except.*?: used to filter out try/except blocks from Python code, which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to remote code loading disruption, resource exhaustion in model serving, supply chain attack vectors, and development pipeline disruption.

Severity

• CVSS Score: 5.3 / 10 (Medium)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-3264
• https://github.com/huggingface/transformers/commit/0720e206c6ba28887e4d60ef60a6a089f6c1cc76
• https://github.com/huggingface/transformers/commit/126abe3461762e5fc180e7e614391d1b4ab051ca
• https://github.com/huggingface/transformers
• https://huntr.com/bounties/3c6f7822-9992-476d-8cf0-b0b1623427df

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

Hugging Face Transformers versions up to 4.49.0 are affected by an improper input validation vulnerability in the image_utils.py file. The vulnerability arises from insecure URL validation using the startswith() method, which can be bypassed through URL username injection. This allows attackers to craft URLs that appear to be from YouTube but resolve to malicious domains, potentially leading to phishing attacks, malware distribution, or data exfiltration. The issue is fixed in version 4.52.1.

Severity

• CVSS Score: 3.5 / 10 (Low)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-3777
• https://github.com/huggingface/transformers/commit/4dda5f71b35fb70cf602187eef84bb17a50b9082
• https://github.com/huggingface/transformers
• https://github.com/huggingface/transformers/blame/a7d2bbaaa8aac64f7c1ee8c1421cfe84b38359a4/src/transformers/image_utils.py
• https://huntr.com/bounties/ccba0730-9248-4853-b7ff-5c20e6364f09

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's token2json() method. This vulnerability affects versions 4.51.3 and earlier, and is fixed in version 4.52.1. The issue arises from the regex pattern <s_(.*?)> which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting document processing tasks using the Donut model.

Severity

• CVSS Score: 5.3 / 10 (Medium)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-3933
• https://github.com/huggingface/transformers/pull/37788
• https://github.com/huggingface/transformers/commit/ebbe9b12dd75b69f92100d684c47f923ee262a93
• https://github.com/huggingface/transformers
• https://huntr.com/bounties/25282953-5827-4384-bb6f-5790d275721b

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the normalize_numbers() method of the EnglishNormalizer class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises from the method's handling of numeric strings, which can be exploited using crafted input strings containing long sequences of digits, leading to excessive CPU consumption. This vulnerability impacts text-to-speech and number normalization tasks, potentially causing service disruption, resource exhaustion, and API vulnerabilities.

Severity

• CVSS Score: 5.3 / 10 (Medium)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-6051
• https://github.com/huggingface/transformers/pull/38844
• https://github.com/huggingface/transformers/commit/54a02160eb030da9be18231c77791f2eb3a52216
• https://github.com/huggingface/transformers/commit/ba8eaba9865618253f997784aa565b96206426f0
• https://github.com/huggingface/transformers
• https://huntr.com/bounties/af929523-7b59-418a-bf55-301830b2ac9d

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically affecting the MarianTokenizer's remove_language_code() method. This vulnerability is present in version 4.52.4 and has been fixed in version 4.53.0. The issue arises from inefficient regex processing, which can be exploited by crafted input strings containing malformed language code patterns, leading to excessive CPU consumption and potential denial of service.

Severity

• CVSS Score: 5.3 / 10 (Medium)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-6638
• https://github.com/huggingface/transformers/commit/47c34fba5c303576560cb29767efb452ff12b8be
• https://github.com/huggingface/transformers/commit/d37f7517972f67e3f2194c000ed0f87f064e5099
• https://github.com/huggingface/transformers
• https://huntr.com/bounties/6a6c933f-9ce8-4ded-8b3b-2c1444c61f36

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer. The vulnerability arises from the _do_use_weight_decay method, which processes user-controlled regular expressions in the include_in_weight_decay and exclude_from_weight_decay lists. Malicious regular expressions can cause catastrophic backtracking during the re.search call, leading to 100% CPU utilization and a denial of service. This issue can be exploited by attackers who can control the patterns in these lists, potentially causing the machine learning task to hang and rendering services unresponsive.

Severity

• CVSS Score: 5.3 / 10 (Medium)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-6921
• https://github.com/huggingface/transformers/commit/47c34fba5c303576560cb29767efb452ff12b8be
• https://github.com/huggingface/transformers/commit/d37f7517972f67e3f2194c000ed0f87f064e5099
• https://github.com/huggingface/transformers
• https://huntr.com/bounties/287d15a7-6e7c-45d2-8c05-11e305776f1f

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Details

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the convert_tf_weight_name_to_pt_weight_name() function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern /[^/]*___([^/]*)/ that can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. The vulnerability affects versions up to 4.51.3 and is fixed in version 4.53.0. This issue can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting model conversion processes between TensorFlow and PyTorch formats.

Severity

• CVSS Score: 5.3 / 10 (Medium)
• Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-5197
• https://github.com/huggingface/transformers/commit/701caef704e356dc2f9331cc3fd5df0eccb4720a
• https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b
• https://github.com/huggingface/transformers
• https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

v4.53.0

Compare Source

Release v4.53.0

Gemma3n

Gemma 3n models are designed for efficient execution on low-resource devices. They are capable of multimodal input, handling text, image, video, and audio input, and generating text outputs, with open weights for pre-trained and instruction-tuned variants. These models were trained with data in over 140 spoken languages.

Gemma 3n models use selective parameter activation technology to reduce resource requirements. This technique allows the models to operate at an effective size of 2B and 4B parameters, which is lower than the total number of parameters they contain. For more information on Gemma 3n's efficient parameter management technology, see the Gemma 3n page.

from transformers import pipeline
import torch

pipe = pipeline(
    "image-text-to-text",
    torch_dtype=torch.bfloat16,
    model="google/gemma-3n-e4b",
    device="cuda",
)
output = pipe(
    "https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/bee.jpg",
    text="<image_soft_token> in this image, there is"
)

print(output)

Dia

Dia is an opensource text-to-speech (TTS) model (1.6B parameters) developed by Nari Labs.
It can generate highly realistic dialogue from transcript including nonverbal communications such as laughter and coughing.
Furthermore, emotion and tone control is also possible via audio conditioning (voice cloning).

Model Architecture:
Dia is an encoder-decoder transformer based on the original transformer architecture. However, some more modern features such as
rotational positional embeddings (RoPE) are also included. For its text portion (encoder), a byte tokenizer is utilized while
for the audio portion (decoder), a pretrained codec model DAC is used - DAC encodes speech into discrete codebook
tokens and decodes them back into audio.

• Add Dia model by @​buttercrab in #​38405

Kyutai Speech-to-Text

Kyutai STT is a speech-to-text model architecture based on the Mimi codec, which encodes audio into discrete tokens in a streaming fashion, and a Moshi-like autoregressive decoder. Kyutai’s lab has released two model checkpoints:

• kyutai/stt-1b-en_fr: a 1B-parameter model capable of transcribing both English and French
• kyutai/stt-2.6b-en: a 2.6B-parameter model focused solely on English, optimized for maximum transcription accuracy

• Add kyutai stt by @​eustlb in #​38909

Read more about the model in the documentation

V-JEPA 2

V-JEPA 2 is a self-supervised approach to training video encoders developed by FAIR, Meta. Using internet-scale video data, V-JEPA 2 attains state-of-the-art performance on motion understanding and human action anticipation tasks. V-JEPA 2-AC is a latent action-conditioned world model post-trained from V-JEPA 2 (using a small amount of robot trajectory interaction data) that solves robot manipulation tasks without environment-specific data collection or task-specific training or calibration.

• Add V-JEPA 2 by @​qubvel in #​38746

Read more about the model in the documentation.

Arcee

Arcee is a decoder-only transformer model based on the Llama architecture with a key modification: it uses ReLU² (ReLU-squared) activation in the MLP blocks instead of SiLU, following recent research showing improved training efficiency with squared activations. This architecture is designed for efficient training and inference while maintaining the proven stability of the Llama design.

The Arcee model is architecturally similar to Llama but uses x * relu(x) in MLP layers for improved gradient flow and is optimized for efficiency in both training and inference scenarios.

• Add Arcee model support by @​Crystalcareai in #​38621

Read more about the model in the documentation.

ColQwen2

ColQwen2 is a variant of the ColPali model designed to retrieve documents by analyzing their visual features. Unlike traditional systems that rely heavily on text extraction and OCR, ColQwen2 treats each page as an image. It uses the Qwen2-VL backbone to capture not only text, but also the layout, tables, charts, and other visual elements to create detailed multi-vector embeddings that can be used for retrieval by computing pairwise late interaction similarity scores. This offers a more comprehensive understanding of documents and enables more efficient and accurate retrieval.

• Add ColQwen2 to 🤗 transformers by @​tonywu71 in #​35778

Read more about the model in the documentation.

MiniMax

MiniMax is a powerful language model with 456 billion total parameters, of which 45.9 billion are activated per token. To better unlock the long context capabilities of the model, MiniMax adopts a hybrid architecture that combines Lightning Attention, Softmax Attention and Mixture-of-Experts (MoE). Leveraging advanced parallel strategies and innovative compute-communication overlap methods—such as Linear Attention Sequence Parallelism Plus (LASP+), varlen ring attention, Expert Tensor Parallel (ETP), etc., MiniMax's training context length is extended to 1 million tokens, and it can handle a context of up to 4 million tokens during the inference. On various academic benchmarks, MiniMax also demonstrates the performance of a top-tier model.

The architecture of MiniMax is briefly described as follows:

• Total Parameters: 456B
• Activated Parameters per Token: 45.9B
• Number Layers: 80
• Hybrid Attention: a softmax attention is positioned after every 7 lightning attention.
  • Number of attention heads: 64
  • Attention head dimension: 128
• Mixture of Experts:
  • Number of experts: 32
  • Expert hidden dimension: 9216
  • Top-2 routing strategy
• Positional Encoding: Rotary Position Embedding (RoPE) applied to half of the attention head dimension with a base frequency of 10,000,000
• Hidden Size: 6144
• Vocab Size: 200,064

For more details refer to the release blog post.

• Add support for MiniMax's MiniMax-Text-01 by @​geetu040 in #​35831

Read more about the model in the documentation.

Encoder-Decoder Gemma

T5Gemma (aka encoder-decoder Gemma) was proposed in a research paper by Google. It is a family of encoder-decoder large langauge models, developed by adapting pretrained decoder-only models into encoder-decoder. T5Gemma includes pretrained and instruction-tuned variants. The architecture is based on transformer encoder-decoder design following T5, with improvements from Gemma 2: GQA, RoPE, GeGLU activation, RMSNorm, and interleaved local/global attention.

T5Gemma has two groups of model sizes: 1) Gemma 2 sizes (2B-2B, 9B-2B, and 9B-9B), which are based on the offical Gemma 2 models (2B and 9B); and 2) T5 sizes (Small, Base, Large, and XL), where are pretrained under the Gemma 2 framework following T5 configuration. In addition, we also provide a model at ML size (medium large, ~2B in total), which is in-between T5 Large and T5 XL.

The pretrained varaints are trained with two objectives: prefix language modeling with knowledge distillation (PrefixLM) and UL2, separately. We release both variants for each model size. The instruction-turned varaints was post-trained with supervised fine-tuning and reinforcement learning.

• Encoder-Decoder Gemma by @​bzhangGo in #​38332

Read more about the model in the documentation.

GLM-4.1V

The GLM-4.1V model architecture is added to transformers; no models have yet been released with that architecture. Stay tuned for the GLM team upcoming releases!

• GLM-4.1V Model support by @​zRzRzRzRzRzRzR in #​38431

Read more about the model in the documentation.

Falcon H1

The FalconH1 model was developed by the TII Pretraining team. A comprehensive research paper covering the architecture, pretraining dynamics, experimental results, and conclusions is forthcoming. You can read more about this series in this website.

• [MODEL] Add Falcon H1 by @​younesbelkada in #​38249

Read more about the model in the documentation.

LightGlue

The LightGlue model was proposed in LightGlue: Local Feature Matching at Light Speed
by Philipp Lindenberger, Paul-Edouard Sarlin and Marc Pollefeys.

Similar to SuperGlue, this model consists of matching
two sets of local features extracted from two images, its goal is to be faster than SuperGlue. Paired with the
SuperPoint model, it can be used to match two images and
estimate the pose between them. This model is useful for tasks such as image matching, homography estimation, etc.

The abstract from the paper is the following:

We introduce LightGlue, a deep neural network that learns to match local features across images. We revisit multiple
design decisions of SuperGlue, the state of the art in sparse matching, and derive simple but effective improvements.
Cumulatively, they make LightGlue more efficient - in terms of both memory and computation, more accurate, and much
easier to train. One key property is that LightGlue is adaptive to the difficulty of the problem: the inference is much
faster on image pairs that are intuitively easy to match, for example because of a larger visual overlap or limited
appearance change. This opens up exciting prospects for deploying deep matchers in latency-sensitive applications like
3D reconstruction. The code and trained models are publicly available at this https URL

• Add LightGlue model by @​sbucaille in #​31718

Read more about the model in the documentation.

dots.llm1

The abstract from the report is the following:

Mixture of Experts (MoE) models have emerged as a promising paradigm for scaling language models efficiently by activating only a subset of parameters for each input token. In this report, we present dots.llm1, a large-scale MoE model that activates 14B parameters out of a total of 142B parameters, delivering performance on par with state-of-the-art models while reducing training and inference costs. Leveraging our meticulously crafted and efficient data processing pipeline, dots.llm1 achieves performance comparable to Qwen2.5-72B after pretraining on high-quality corpus and post-training to fully unlock its capabilities. Notably, no synthetic data is used during pretraining. To foster further research, we open-source intermediate training checkpoints spanning the entire training process, providing valuable insights into the learning dynamics of large language models.

• [Model] add dots1 by @​redmoe-moutain in #​38143

Read more about the model in the documentation.

SmolLM3

SmolLM3 is a fully open, compact language model designed for efficient deployment while maintaining strong performance. It uses a Transformer decoder architecture with Grouped Query Attention (GQA) to reduce the kv cache, and no RoPE, enabling improved performance on long-context tasks. It is trained using a multi-stage training approach on high-quality public datasets across web, code, and math domains. The model is multilingual and supports very large context lengths. The instruct variant is optimized for reasoning and tool use.

• Add SmolLM3 by @​anton-l in #​38755

Read more about the model in the documentation.

Performance optimizations

Kernels

In previous versions, installing the kernels library would automatically activate the custom kernels added to transformers, because the @use_kernel_forward_from_the_hub decorator directly swapped out the model’s forward method. This implicit behavior caused several issues for users — including problems with torch.compile, non-determinism, and inconsistent outputs.

To address this, we've introduced a new opt-in mechanism called kernelize. You can now enable kernel usage explicitly by passing use_kernels=True to from_pretrained. The use_kernel_forward_from_the_hub decorator now simply stores the kernel name that the user wants to use — and kernelize handles the rest under the hood.

Example

from transformers import AutoModelForCausalLM, AutoTokenizer
import torch

model = AutoModelForCausalLM.from_pretrained(
    "meta-llama/Llama-3.2-1B-Instruct",
    torch_dtype=torch.bfloat16,
    device_map="cuda",
    use_kernels=True
)
tokenizer = 

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" in timezone America/Toronto, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/redhat-ai-dev/developer-images).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xODUuNCIsInVwZGF0ZWRJblZlciI6IjQxLjE1Ni4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZWJvdCJdfQ==-->