1133 matches found
BIT-PYTORCH-2026-4538 PyTorch pt2 Loading deserialization
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The projec...
PT-2026-36130
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The projec...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx_11_0_arm64.whl which is vulnerable to CVE-2026-24747
Summary IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx110arm64.whl which is vulnerable to CVE-2026-24747, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24747 DESCRIPTION:...
CVE-2026-34445 affecting package pytorch for versions less than 2.2.2-14
CVE-2026-34445 affecting package pytorch for versions less than 2.2.2-14. A patched version of the package is available...
CVE-2026-34446 affecting package pytorch for versions less than 2.2.2-14
CVE-2026-34446 affecting package pytorch for versions less than 2.2.2-14. A patched version of the package is available...
CVE-2026-1839
A flaw was found in HuggingFace Transformers. A remote attacker can exploit this vulnerability by supplying a specially crafted checkpoint file e.g., rngstate.pth. The loadrngstate method in the Trainer class loads this file using torch.load without proper validation, specifically missing the...
PT-2026-30793
Name of the Vulnerable Software and Affected Versions HuggingFace Transformers versions prior to 5.0.0rc3 Description A flaw exists in the Trainer class within the HuggingFace Transformers library. The load rng state method, located in src/transformers/trainer.py at line 3059, utilizes torch.load...
CVE-2025-33244
NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of...
EUVD-2025-208972
NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of...
CVE-2025-33244
NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of...
CVE-2025-33244
Summary: CVE-2025-33244 is addressed in NVIDIA Apex for Linux. The issue involves deserialization of untrusted data in NVIDIA APEX (affecting environments using PyTorch
CVE-2025-33244
NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of...
CVE-2025-33244
NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of...
CVE-2025-33244
NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of...
Security Bulletin: NVIDIA Apex - March 2026
NVIDIA has released an update for NVIDIA® Apex to address a security issue. To protect your system, clone or update NVIDIA Apex to include commit db8e053 or later from NVIDIA Apex. Ensure that your environment uses PyTorch 2.6 or later from PyTorch. Go to NVIDIA Product Security. Details The...
PT-2026-27504
Name of the Vulnerable Software and Affected Versions NVIDIA APEX for Linux affected versions not specified Description The software contains a flaw where an attacker could cause deserialization of untrusted data. A successful exploit could lead to code execution, denial of service, escalation of...
Linux Distros Unpatched Vulnerability : CVE-2026-4538
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to...
EUVD-2026-14280
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The projec...
PYSEC-2026-139
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The projec...
PYSEC-2026-139
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The projec...