Use of Out-of-range Pointer Offset

Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Use of Out-of-range Pointer Offset via the fractionalmaxpool function in torch.nn.FractionalMaxPool2d component when used with torch.compile. An...

Inefficient CPU Computation

Overview Affected versions of this package are vulnerable to Inefficient CPU Computation due to inconsistent behavior in the bernoullip function when used in RNG nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d. An attacker can cause unintended or incorrect dropout behavior in neural network layers b...

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion via the nn.Fold function when used with inductor. An attacker can cause the application to terminate unexpectedly by triggering a buffer overflow error. Remediation Upgrade pytorch/pytorch to version 2.7.0-rc1 or...

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. PyTorch has a security vulnerability that stems from a syntax error in the component proxytensor.py, which can be exploited by an attacker to cause a denial of service...

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. An integer overflow vulnerability exists in the PyTorch torch.nantonum-.long component, no details of the vulnerability are available at this time...

CVE-2025-55554

pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nantonum-.long...

CVE-2025-55552

pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randnlike are used together...

CVE-2025-55554

PyTorch v2.8.0 has an integer overflow in the torch.nan_to_num-.long() path (CVE-2025-55554). This is reported across multiple sources (NVD, OSV, CNVD, etc.). The connected documents do not provide concrete exploit details or available patches/remediation. No exploitation status is given in the s...

CVE-2025-46152

In PyTorch before 2.7.0, bitwiserightshift produces incorrect output for certain out-of-bounds values of the "other" argument...

PT-2025-39380

Name of the Vulnerable Software and Affected Versions PyTorch versions prior to 2.7.0 Description When inductor is used, nn.Fold experiences an assertion error. Recommendations Update to version 2.7.0 or later...

PT-2025-39381

Name of the Vulnerable Software and Affected Versions PyTorch versions prior to 2.7.0 Description When torch.compile is used, the FractionalMaxPool2d function exhibits inconsistent results. This issue affects the accuracy of computations involving this specific function within the PyTorch...

CVE-2025-55551

CVE-2025-55551 affects PyTorch (torch.linalg.lu) and is described as an issue in PyTorch v2.8.0 where a slice operation can cause a Denial of Service. The connected IBM bulletin lists the Torch wheel (torch-2.9.1) among vulnerable dependencies, but the provided materials do not include explicit r...

CVE-2025-55554

pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nantonum-.long...

CVE-2025-55551

An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service DoS when performing a slice operation...

CVE-2025-46153

PyTorch before 3.7.0 has a bernoullip decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallbackrandom=True...

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from unexpected behavior when the torch.rot90 and torch.randnlike components are used together, no details of the vulnerability are provided at this time...

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from a name error when compiling a model containing torch.cummin using Inductor, which can be exploited by an attacker to cause a denial of service...

CVE-2025-55552

pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randnlike are used together...

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from the bitwiserightshift function mishandling the boundary value of the OTHER parameter, which can be exploited by an attacker to cause an output error...

CVE-2025-46153

CVE-2025-46153 affects PyTorch before 3.7.0, where a bernoulli_p decompos e function in decompositions.py is not fully consistent with the eager CPU implementation. This inconsistency negatively affects nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d when fallback_random=True. Connected documents pr...