Security researchers have discovered a new vulnerability in Hugging Face's Safetensors conversion service, potentially leading to supply chain attacks and compromising user-submitted models. A surge in high-risk open-source vulnerabilities has been found in commercial codebases, with a report revealing a troubling escalation in such vulnerabilities within these codebases. The Synopsys Report indicates that 74% of codebases harbor high-risk open source vulnerabilities, showing a 54% increase.