Low severity2.5NVD Advisory· Published Mar 10, 2025· Updated Jun 17, 2026
CVE-2025-2149
CVE-2025-2149
Description
A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnq_Sigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zero_point leads to improper initialization. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
torchPyPI | <= 2.6.0 | — |
Affected products
4- Range: = 2.6.0+cu124
Patches
Vulnerability mechanics
References
8- vuldb.comnvdExploitThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-x3gm-94wq-g975ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-2149ghsaADVISORY
- vuldb.comnvdThird Party AdvisoryVDB EntryWEB
- github.com/pypa/advisory-database/tree/main/vulns/torch/PYSEC-2025-190.yamlghsaWEB
- github.com/pytorch/pytorch/issues/147818nvdIssue TrackingWEB
- github.com/pytorch/pytorch/issues/147818nvdIssue TrackingWEB
- vuldb.comnvdPermissions RequiredVDB EntryWEB
News mentions
0No linked articles in our index yet.