ML ecosystem security · public artifact

An Empirical Study on Remote Code Execution in Machine Learning Model Hosting Ecosystems

A cross-platform study of model-loading risk across five ML hosting ecosystems, using static analysis, malware-signature scanning, and analysis of more than 600 developer discussions.

Status
Under review at ICSE 2027
Public artifact
arXiv, submitted 2026
Last verified
2026-07-10

The study examines how custom code and artifacts enter model-hosting workflows, then maps recurring technical risks and developer misconceptions without treating model popularity as a proxy for safety.

Read on arXivPDFResearch dossier