CVE-2025-3165

A vulnerability classified as critical has been found in thu-pacman chitu 0.1.0. This affects the function torch.load of the file chitu/chitu/backend.py. The manipulation of the argument ckptpath/quantckptdir leads to deserialization. An attack has to be approached locally...

Chitu 代码问题漏洞

Chitu is thu-pacman open source a high performance reasoning framework for large language models. A code issue vulnerability exists in Chitu version 0.1.0, which stems from the fact that incorrect manipulation of the parameter ckptpath/quantckptdir can lead to deserialization issues...