Lucene search
Linuxfoundation Pytorch

31 matches found

CVE
added 2025/04/18 3:48 p.m., 932 views

CVE-2025-32434

PyTorch contains a Remote Command Execution (RCE) vulnerability in versions 2.5.1 and earlier when loading a model with torch.load and weights_only=True. The issue is publicly documented and has been patched in version 2.6.0. External notices reiterate that upgrading to 2.6.0+ mitigates the flaw;...

CVSS: 9.8, AI score: 6.8, EPSS: 0.01878

CVE
added 2025/03/31 3:31 p.m., 217 views

CVE-2025-3001

CVE-2025-3001 affects PyTorch 2.6.0, specifically the torch.lstm_cell function, causing memory corruption. Exploitation requires LOCAL access, and public disclosures exist. Multiple connected sources confirm a patched version is available; remediation guidance is to upgrade to a patched release, ...

CVSS: 5.3, AI score: 5.4, EPSS: 0.0017

CVE
added 2025/03/30 3:31 p.m., 216 views

CVE-2025-2953

CVE-2025-2953 affects PyTorch 2.6.0+cu124, specifically the mkldnn_max_pool2d function. The issue can lead to denial of service via local access, with an exploit publicly disclosed and the vulnerability’s real existence doubted in the description. The connected IBM bulletin references PyTorch in ...

CVSS: 5.5, AI score: 4.5, EPSS: 0.0022

CVE
added 2026/01/27 9:13 p.m., 162 views

CVE-2026-24747

PyTorch prior to v2.10.0 is vulnerable to memory corruption and potential arbitrary code execution via the weights_only unpickler when loading a malicious .pth checkpoint with torch.load(..., weights_only=True). Affected software is PyTorch (Python tensor computation package); the issue is fixed ...

CVSS: 8.8, AI score: 6.1, EPSS: 0.00625

CVE
added 2024/10/29 12:00 a.m., 116 views

CVE-2024-48063

In PyTorch

CVSS: 9.8, AI score: 9.6, EPSS: 0.01584

CVE
added 2025/04/16 9:00 p.m., 114 views

CVE-2025-3730

CVE-2025-3730 affects PyTorch 2.6.0 in multiple IBM advisories and related deployments, notably the torch.nn.functional.ctc_loss path in LossCTC.cpp, which can cause local-denial-of-service. IBM docs consistently reference the same patching signal (46fc5d8e360127361211cb237d5f9eef0223e567) and pr...

CVSS: 5.5, AI score: 3.5, EPSS: 0.00271

CVE
added 2022/11/26 12:00 a.m., 113 views

CVE-2022-45907

CVE-2022-45907 is a PyTorch vulnerability where torch.jit.annotations.parse_type_line uses eval unsafely, enabling arbitrary code execution. Documented impact is high (CRITICAL, CVSS 3.1/3.0 vectors with 9.8 base score). Affected IBM products include Watson Studio for Cloud Pak for Data (versions...

CVSS: 9.8, AI score: 9.6, EPSS: 0.01192

CVE
added 2024/04/19 12:00 a.m., 94 views

CVE-2024-31584

CVE-2024-31584 affects PyTorch before v2.2.0 and is caused by an out-of-bounds read in the torch/csrc/jit/mobile/flatbuffer_loader.cpp. Affected software is PyTorch up to 2.1.x; exploitation could arise from processing crafted input via the flatbuffer loader, with the documented impact being an o...

CVSS: 5.5, AI score: 6.7, EPSS: 0.00383

CVE
added 2024/04/17 12:00 a.m., 92 views

CVE-2024-31580

CVE-2024-31580 affects PyTorch prior to 2.2.0, due to a heap-based buffer overflow in /runtime/vararg_functions.cpp. A crafted input can cause a Denial of Service. The available connected documents indicate vulnerable PyTorch versions and a clear remediation: upgrade to PyTorch 2.2.0 or newer (or...

CVSS: 4, AI score: 7.3, EPSS: 0.00225

CVE
added 2025/03/31 3:00 p.m., 85 views

CVE-2025-3000

CVE-2025-3000 is confirmed to affect PyTorch 2.6.0, with the vulnerable component being the function torch.jit.script, leading to memory corruption. The IBM security bulletins in the connected documents validate a local-attack risk and note public exploits. Remediation is to upgrade affected IBM ...

CVSS: 5.3, AI score: 5.3, EPSS: 0.0017

CVE
added 2025/03/10 12:31 p.m., 83 views

CVE-2025-2149

CVE-2025-2149 affects PyTorch 2.6.0+cu124, specifically the Quantized Sigmoid Module’s nnq_Sigmoid func. The issue stems from improper initialization caused by manipulation of scale/zero_point, enabling a local attack with high attack complexity; exploitation has been disclosed. Connected IBM adv...

CVSS: 2.5, AI score: 7, EPSS: 0.00233

CVE
added 2025/03/31 2:00 p.m., 81 views

CVE-2025-2998

CVE-2025-2998 affects PyTorch 2.6.0, specifically the function torch.nn.utils.rnn.pad_packed_sequence, causing memory corruption. The issue requires local access; the exploit has been disclosed publicly. The provided documents do not specify a patched version or remediation steps. Monitor for upd...

CVSS: 5.3, AI score: 6.9, EPSS: 0.00172

CVE
added 2024/04/17 12:00 a.m., 76 views

CVE-2024-31583

CVE-2024-31583 affects PyTorch due to a use-after-free flaw in torch/csrc/jit/mobile/interpreter.cpp. Affected versions: PyTorch prior to 2.2.0; the issue enables denial of service when a victim opens crafted content. Exploitation details are not provided beyond the vulnerability description in t...

CVSS: 7.8, AI score: 7.1, EPSS: 0.00266

CVE
added 2025/03/31 2:31 p.m., 74 views

CVE-2025-2999

CVE-2025-2999 affects PyTorch 2.6.0, specifically the function torch.nn.utils.rnn.unpack_sequence, where manipulation leads to memory corruption. Exploitation requires local access; the exploit has been disclosed publicly. Multiple external sources in connected documents corroborate the local att...

CVSS: 5.3, AI score: 5.3, EPSS: 0.00172

CVE
added 2025/03/10 12:00 p.m., 72 views

CVE-2025-2148

CVE-2025-2148: PyTorch 2.6.0+cu124 contains a vulnerability affecting torch.ops.profiler._call_end_callbacks_on_jit_fut in the Tuple Handler. Manipulating the argument None can cause memory corruption. The report notes a remote attack with high impact and high attack complexity; no explicit reme...

CVSS: 7.5, AI score: 7.1, EPSS: 0.004

CVE
added 2025/04/03 3:31 a.m., 68 views

CVE-2025-3136

CVE-2025-3136 is reported in PyTorch 2.6.0 affecting the function torch.cuda.memory.caching_allocator_delete in c10/cuda/CUDACachingAllocator.cpp. The issue causes memory corruption and requires local access to exploit; the exploit has been disclosed publicly. Connected sources corroborate the sa...

CVSS: 4.8, AI score: 7.1, EPSS: 0.00213

CVE
added 2025/04/02 10:00 p.m., 58 views

CVE-2025-3121

CVE-2025-3121 affects PyTorch 2.6.0, specifically the function torch.jit.jit_module_from_flatbuffer. The manipulation can lead to memory corruption, requiring local access. The exploit has been disclosed publicly and may be used. The available connected documents corroborate the issue, its local ...

CVSS: 5.5, AI score: 7.1, EPSS: 0.00223

CVE
added 2025/09/25 12:00 a.m., 42 views

CVE-2025-55551

CVE-2025-55551 affects PyTorch (torch.linalg.lu) and is described as an issue in PyTorch v2.8.0 where a slice operation can cause a Denial of Service. The connected IBM bulletin lists the Torch wheel (torch-2.9.1) among vulnerable dependencies, but the provided materials do not include explicit r...

CVSS: 7.5, AI score: 6.5, EPSS: 0.00391

CVE
added 2026/03/22 4:20 a.m., 42 views

CVE-2026-4538

CVE-2026-4538: PyTorch 2.10.0 contains a deserialization vulnerability in an unknown function of the pt2 Loading Handler. The issue can be exploited from a local environment and the exploit is publicly available. The description notes that the problem was reported via a pull request before the v...

CVSS: 7.8, AI score: 5.6, EPSS: 0.00239

CVE
added 2025/09/25 12:00 a.m., 31 views

CVE-2025-55553

CVE-2025-55553 is described across sources as a DoS vulnerability in PyTorch v2.7.0 caused by a syntax error in the proxy_tensor.py component. The linked documents (NVD/NIST entry and IBM watsonx bulletin listing this CVE among PyTorch-related issues) confirm the affected product and the basic fl...

CVSS: 7.5, AI score: 6.4, EPSS: 0.00381

CVE
added 2025/09/25 12:00 a.m., 30 views

CVE-2025-55560

CVE-2025-55560 affects PyTorch where a model using torch.Tensor.to_sparse() and torch.Tensor.to_dense() compiled by Inductor can cause a DoS. Connected advisories specify affected package versions: PyTorch < 2.0.0-11 and PyTorch

CVSS: 7.5, AI score: 6.5, EPSS: 0.00381

CVE
added 2025/09/25 12:00 a.m., 29 views

CVE-2025-55552

CVE-2025-55552 concerns PyTorch v2.8.0 exhibiting unexpected behavior when using torch.rot90 and torch.randn_like together. The primary sources state the issue exists in PyTorch 2.8.0 and provide no explicit remediation in the initial description. Some connected advisories note that patched versi...

CVSS: 7.5, AI score: 6.8, EPSS: 0.0039

CVE
added 2025/09/25 12:00 a.m., 27 views

CVE-2025-46152

CVE-2025-46152 affects PyTorch where bitwise_right_shift can produce incorrect output for certain out-of-bounds values of the OTHER argument. Affected versions include PyTorch before 2.7.0; a patched version is available. The connected Mariner data notes PyTorch packages less than 2.2.2-9 are aff...

CVSS: 5.3, AI score: 6.6, EPSS: 0.00423

CVE
added 2025/09/25 12:00 a.m., 26 views

CVE-2025-46150

CVE-2025-46150 is referenced in a connected IBM bulletin as affecting PyTorch: prior to 2.7.0, using torch.compile can cause FractionalMaxPool2d to produce inconsistent results. The IBM document lists the CVE entry and its description but provides no technical details on root cause, vulnerable vers...

CVSS: 5.3, AI score: 6.6, EPSS: 0.0036

CVE
added 2025/09/25 12:00 a.m., 26 views

CVE-2025-55558

CVE-2025-55558 is a buffer overflow in PyTorch 2.7.0 during compilation with Inductor for a model containing Conv2d, hardshrink, and tensor.view-torch.mv(), leading to a Denial of Service (DoS). The IBM watsonx Code Assistant On Prem bulletin documents this CVE as part of multiple vulnerabilities...

CVSS: 7.5, AI score: 6.9, EPSS: 0.0042

CVE
added 2025/09/25 12:00 a.m., 25 views

CVE-2025-46148

CVE-2025-46148 affects PyTorch up to version 2.6.0 when using eager execution, where nn.PairwiseDistance(p=2) can produce incorrect results. Connected entries (BIT-PYTORCH-2025-46148, NVD, OSV variants, Debian/Ubuntu OSV, CNVD) corroborate the issue with identical description. The vulnerability i...

CVSS: 5.3, AI score: 6.6, EPSS: 0.00374

CVE
added 2025/09/25 12:00 a.m., 25 views

CVE-2025-46149

CVE-2025-46149 is linked to PyTorch, affecting versions before 2.7.0. When using inductor, nn.Fold triggers an assertion error, per the IBM security bulletin listing this CVE among multiple PyTorch-related issues. The IBM entry provides the concrete detail that the vulnerability manifests as an a...

CVSS: 5.3, AI score: 6.6, EPSS: 0.00338

CVE
added 2025/09/25 12:00 a.m., 25 views

CVE-2025-55557

CVE-2025-55557: A NameError occurs in PyTorch v2.7.0 when a model uses torch.cummin and is compiled by Inductor, leading to a Denial of Service. The initial description provides the affected components and the root cause, but no public remediation or exploitation details are documented in the su...

CVSS: 7.5, AI score: 6.4, EPSS: 0.00381

CVE
added 2025/09/25 12:00 a.m., 23 views

CVE-2025-46153

CVE-2025-46153 affects PyTorch before 3.7.0, where a bernoulli_p decompose function in decompositions.py is not fully consistent with the eager CPU implementation. This inconsistency negatively affects nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d when fallback_random=True. Connected documents pr...

CVSS: 5.3, AI score: 6.6, EPSS: 0.00391

CVE
added 2025/09/25 12:00 a.m., 22 views

CVE-2025-55554

PyTorch v2.8.0 has an integer overflow in the torch.nan_to_num-.long() path (CVE-2025-55554). This is reported across multiple sources (NVD, OSV, CNVD, etc.). The connected documents do not provide concrete exploit details or available patches/remediation. No exploitation status is given in the s...

CVSS: 5.3, AI score: 7.2, EPSS: 0.00294

CVE
added 2025/11/12 12:00 a.m., 17 views

CVE-2025-63396

CVE-2025-63396 affects PyTorch v2.5 and v2.7.1, where omitting profiler.stop() allows torch.profiler.profile (PythonTracer) to crash or hang during finalization, yielding a Denial of Service (DoS). The connected sources consistently describe the same impact and affected component. There is no doc...

CVSS: 3.3, AI score: 6.5, EPSS: 0.00114