CVE-2026-24747

A flaw was found in PyTorch, a Python package for tensor computation. A remote attacker could craft a malicious checkpoint file, which, when loaded using the weightsonly unpickler, could lead to memory corruption. This vulnerability may enable an attacker to achieve arbitrary code execution on th...

AZL-75293 CVE-2026-24747 affecting package pytorch for versions less than 2.2.2-11

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

CVE-2026-24747

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

AZL-75588 CVE-2026-24747 affecting package pytorch for versions less than 2.0.0-14

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

DEBIAN-CVE-2026-24747

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

UBUNTU-CVE-2026-24747

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

CVE-2026-24747

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

CVE-2026-24747 PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

CVE-2026-24747 PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

CVE-2026-24747

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

EUVD-2026-4738

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

CVE-2026-24747 PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

Summary A vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to arbitrary code execution. Vulnerability Details The weightsonly=True unpickler...

GHSA-63CW-57P8-FM3P PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

Summary A vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to arbitrary code execution. Vulnerability Details The weightsonly=True unpickler...

jbd2: prevent softlockup in jbd2_log_do_checkpoint()

...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002973)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002973 advisory. The timercreate syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent-sigevnotify field, whic...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1091)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1071)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

Exploit for Out-of-bounds Write in Mikrotik Routeros

Mikrotik Exploit Scan and Export RouterOS Password A security...

Arbitrary Code Execution via Unsafe torch.load() in Trainer Checkpoint Loading

Summary A critical arbitrary code execution vulnerability exists in HuggingFace Transformers' Trainer class. The loadrngstate method at src/transformers/trainer.py:3059 calls torch.load without the weightsonly=True parameter. While a safeglobals context manager wraps this call, it provides no...