1135 matches found

Packet Storm News
added 2025/07/22 12:0 a.m. | 5 views

CompLeak: Deep Learning Model Compression Exacerbates Privacy Leakage

Model compression is crucial for minimizing memory storage and accelerating inference in deep learning (DL) models, including recent foundation models like large language models (LLMs). Users can access different compressed model versions according to their resources and budget. However, while existi...

6.7 AI score
Exploits: 0
OSV
added 2025/07/16 8:7 a.m. | 4 views

BIT-PYTORCH-2024-48063

In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing...

9.8 CVSS | 9.1 AI score | 0.01584 EPSS
Exploits: 1 | References: 5
Rapid7 Blog
added 2025/07/14 2:7 p.m. | 3 views

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Executive summary: Recent threat research highlights a growing risk in the Python and machine learning (ML) ecosystem: the exploitation of serialized model files, specifically those using Python’s pickle module. While commonly used for saving and loading ML models, pickle files can execute arbitrary...

8 AI score
Exploits: 0
CNNVD
added 2025/07/11 12:0 a.m. | 2 views

executorch security vulnerability

executorch is a PyTorch deployment tool from pytorch open source. A security vulnerability exists in executorch that stems from a heap buffer overflow when loading ExecuTorch methods, which could lead to code execution...

8.1 CVSS | 7.4 AI score | 0.00351 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2025/07/11 12:0 a.m. | 6 views

CBL Mariner 2.0 Security Update: pytorch (CVE-2025-2953)

The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2953 advisory. - A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by thi...

5.5 CVSS | 4.4 AI score | 0.0022 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2025/07/11 12:0 a.m. | 5 views

Azure Linux 3.0 Security Update: pytorch (CVE-2025-2953)

The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2953 advisory. - A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by thi...

5.5 CVSS | 4.4 AI score | 0.0022 EPSS
Exploits: 1 | References: 2
CBLMariner
added 2025/07/10 3:7 p.m. | 5 views

CVE-2025-2953 affecting package pytorch for versions less than 2.0.0-9

CVE-2025-2953 affecting package pytorch for versions less than 2.0.0-9. A patched version of the package is available...

5.5 CVSS | 7.3 AI score | 0.0022 EPSS
Exploits: 1
Positive Technologies
added 2025/06/29 12:0 a.m. | 2 views

PT-2025-38137

Name of the Vulnerable Software and Affected Versions: mmaitre314 picklescan versions up to and including 0.0.30. Description: An Improper Input Validation vulnerability exists in the scanning logic of picklescan. This flaw allows a remote attacker to bypass pickle files security checks by supplying...

9.3 CVSS | 6.6 AI score | 0.00816 EPSS
Exploits: 1 | References: 20
CNNVD
added 2025/06/24 12:0 a.m. | 2 views

NVIDIA Megatron-LM code injection vulnerability

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that stems from a python component that could allow an attacker to perform code injection...

7.8 CVSS | 7.6 AI score | 0.0027 EPSS
Exploits: 0 | References: 2
OSV
added 2025/06/11 5:57 a.m. | 8 views

BIT-PYTORCH-2024-31583

Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp...

7.8 CVSS | 7.6 AI score | 0.00266 EPSS
Exploits: 0 | References: 4
OSV
added 2025/06/11 5:57 a.m. | 4 views

BIT-PYTORCH-2024-31580

PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/varargfunctions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

4 CVSS | 7.7 AI score | 0.00225 EPSS
Exploits: 0 | References: 3
CNNVD
added 2025/06/11 12:0 a.m. | 2 views

Number withdrawn

update is a library from Aaron's personal developer. serve is a PyTorch open source application for provisioning, optimizing, and scaling PyTorch models in production. This CVE number has been withdrawn...

6.8 AI score
Exploits: 0 | References: 2
OSV
added 2025/06/04 2:56 p.m. | 7 views

BIT-PYTORCH-2024-31584

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...

5.5 CVSS | 6.7 AI score | 0.00383 EPSS
Exploits: 0 | References: 3
OSV
added 2025/05/30 5:57 a.m. | 3 views

BIT-PYTORCH-2025-3001 PyTorch torch.lstm_cell memory corruption

A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used...

5.3 CVSS | 6.7 AI score | 0.0017 EPSS
Exploits: 0 | References: 6
OSV
added 2025/05/30 5:57 a.m. | 6 views

BIT-PYTORCH-2025-3000 PyTorch torch.jit.script memory corruption

A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...

5.3 CVSS | 6.5 AI score | 0.0017 EPSS
Exploits: 0 | References: 6
OSV
added 2025/05/30 5:56 a.m. | 3 views

BIT-PYTORCH-2025-2999 PyTorch torch.nn.utils.rnn.unpack_sequence memory corruption

A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

5.3 CVSS | 6.5 AI score | 0.00172 EPSS
Exploits: 0 | References: 6
OSV
added 2025/05/30 5:56 a.m. | 6 views

BIT-PYTORCH-2025-2998 PyTorch torch.nn.utils.rnn.pad_packed_sequence memory corruption

A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the...

5.3 CVSS | 6.6 AI score | 0.00172 EPSS
Exploits: 0 | References: 6
OSV
added 2025/05/29 12:18 p.m. | 7 views

BIT-PYTORCH-2025-3730 PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctc_loss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

5.5 CVSS | 6.5 AI score | 0.00271 EPSS
Exploits: 1 | References: 8
OSV
added 2025/05/29 12:17 p.m. | 5 views

BIT-PYTORCH-2025-3136 PyTorch CUDACachingAllocator.cpp torch.cuda.memory.caching_allocator_delete memory corruption

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The...

4.8 CVSS | 6.7 AI score | 0.00226 EPSS
Exploits: 1 | References: 8
CBLMariner
added 2025/05/28 9:14 p.m. | 5 views

CVE-2025-2953 affecting package pytorch for versions less than 2.2.2-7

CVE-2025-2953 affecting package pytorch for versions less than 2.2.2-7. A patched version of the package is available...

5.5 CVSS | 6.9 AI score | 0.0022 EPSS
Exploits: 1