CVE-2026-58116: Unvalidated Model Paths Enable Remote Code Execution in LLaMA-Factory — Casky — Casky