Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx_11_0_arm64.whl which is vulnerable to CVE-2026-24747

Summary IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx110arm64.whl which is vulnerable to CVE-2026-24747, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24747 DESCRIPTION:...

CVE-2026-24747 affecting package pytorch for versions less than 2.0.0-13

CVE-2026-24747 affecting package pytorch for versions less than 2.0.0-13. A patched version of the package is available...

CVE-2025-3001 affecting package pytorch for versions less than 2.0.0-12

CVE-2025-3001 affecting package pytorch for versions less than 2.0.0-12. A patched version of the package is available...

Security Bulletin: The IBM Maximo Application Suite AI-Service component uses multiple third-party dependencies that contain vulnerabilities associated with multiple CVEs.

Summary The IBM Maximo Application Suite AI-Service component uses "FlaskCors-4.0.2-py2.py3-none-any.whl, langchaincommunity-0.3.3-py3-none-any.whl, langchaincore-0.3.29-py3-none-any.whl, langchaintextsplitters-0.3.5-py3-none-any.whl, pdfminersix-20250327-py3-none-any.whl,...

BIT-PYTORCH-2026-24747 PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

Linux Distros Unpatched Vulnerability : CVE-2026-24747

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to...

CVE-2026-24747

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

CVE-2026-24747

PyTorch prior to v2.10.0 is vulnerable to memory corruption and potential arbitrary code execution via the weights_only unpickler when loading a malicious .pth checkpoint with torch.load(..., weights_only=True). Affected software is PyTorch (Python tensor computation package); the issue is fixed ...

Azure Linux 3.0 Security Update: pytorch (CVE-2024-7776)

The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7776 advisory. - A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16....

Azure Linux 3.0 Security Update: pytorch (CVE-2024-5187)

The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5187 advisory. - A vulnerability in the downloadmodelwithtestdata function of the onnx/onnx framework, version 1.16.0, allows...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch [CVE-2025-3730]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch, caused by a flaw in PyTorch 2.6.0 that affects the function torch.nn.functional.ctc CVE-2025-3730. PyTorch is used in our service runtimes. This vulnerabilitiy has been addressed...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch [CVE-2025-2953]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch, due to an issue found in PyTorch 2.6.0+cu124 that affects the function torch.mkldnnmaxpool2d CVE-2025-2953. PyTorch is used in our service runtimes. This vulnerabilitiy has been...

CVE-2025-46152 affecting package pytorch for versions less than 2.2.2-9

CVE-2025-46152 affecting package pytorch for versions less than 2.2.2-9. A patched version of the package is available...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses torch - 2.2.0+cpu which is vulnerable to CVE-2025-32434.

Summary IBM Maximo Application Suite - Monitor Component uses torch - 2.2.0+cpu which is vulnerable to CVE-2025-32434. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-32434 DESCRIPTION: PyTorch is a Python package that provides tensor...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by torch

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by torch Vulnerability Details CVEID:CVE-2025-2953 DESCRIPTION: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch Vulnerability Details CVEID:CVE-2025-3730 DESCRIPTION: A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of...

NewStart CGSL MAIN 7.02 : pytorch Vulnerability (NS-SA-2025-0250)

The remote NewStart CGSL host, running version MAIN 7.02, has pytorch packages installed that are affected by a vulnerability: - PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1x8664.whl Vulnerability Details CVEID:CVE-2025-2148 DESCRIPTION: A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1x8664.whl Vulnerability Details CVEID:CVE-2025-4287 DESCRIPTION: A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this...

EUVD-2024-1105

Malicious code in bioql PyPI...