PT-2025-7327 · Pytorch +1 · Pytorch +1
Name of the Vulnerable Software and Affected Versions: InvokeAI affected versions not specified Description: The issue concerns an unsafely deserialized file download in the backend, potentially allowing remote code execution RCE through PyTorch's torch.load function. Recommendations: At the...