Pytorch
Products
4- Pytorch33 CVEspypi
- Executorch7 CVEspypi
- 6 CVEs
- 2 CVEs
Recent CVEs
47| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-54952 | Cri | 0.57 | 9.8 | 0.01 | Aug 8, 2025 | An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit… | ||
| CVE-2025-54951 | Cri | 0.57 | 9.8 | 0.01 | Aug 7, 2025 | A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c. | ||
| CVE-2025-54950 | Cri | 0.57 | 9.8 | 0.01 | Aug 7, 2025 | An out-of-bounds access vulnerability in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit b6b7a16df5e7852d976d8c34c8a7e9a1b6f7d005. | ||
| CVE-2025-54949 | Cri | 0.57 | 9.8 | 0.01 | Aug 7, 2025 | A heap buffer overflow vulnerability in the loading of ExecuTorch models can potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit ede82493dae6d2d43f8c424e7be4721abe5242be | ||
| CVE-2025-30405 | Cri | 0.57 | 9.8 | 0.01 | Aug 7, 2025 | An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit… | ||
| CVE-2025-30404 | Cri | 0.57 | 9.8 | 0.01 | Aug 7, 2025 | An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006. | ||
| CVE-2025-30402 | Hig | 0.46 | 8.1 | 0.00 | Jul 11, 2025 | A heap-buffer-overflow vulnerability in the loading of ExecuTorch methods can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f | ||
| CVE-2024-6577 | Med | 0.41 | 6.3 | 0.00 | Mar 20, 2025 | In the latest version of pytorch/serve, the script 'upload_results_to_s3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the… | ||
| CVE-2026-4538 | Med | 0.27 | 5.3 | 0.00 | Mar 22, 2026 | A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might… | ||
| CVE-2025-4287 | Low | 0.14 | 3.3 | 0.00 | May 5, 2025 | A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. The manipulation leads to denial of service. It is possible to launch the attack on the local host.… | ||
| CVE-2023-43654 | 0.03 | — | 0.35 | Sep 28, 2023 | TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to… | |||
| CVE-2024-48063 | 0.02 | — | 0.02 | Oct 29, 2024 | In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing. | |||
| CVE-2026-24747 | 0.00 | — | 0.01 | Jan 27, 2026 | PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt… | |||
| CVE-2025-63396 | 0.00 | — | 0.00 | Nov 12, 2025 | An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch.profiler.profile (PythonTracer) to crash or hang during finalization, leading to a Denial of Service (DoS). | |||
| CVE-2025-55554 | 0.00 | — | 0.00 | Sep 25, 2025 | pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long(). | |||
| CVE-2025-55557 | 0.00 | — | 0.00 | Sep 25, 2025 | A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS). | |||
| CVE-2025-46152 | 0.00 | — | 0.00 | Sep 25, 2025 | In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument. | |||
| CVE-2025-46149 | 0.00 | — | 0.00 | Sep 25, 2025 | In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error. | |||
| CVE-2025-55560 | 0.00 | — | 0.00 | Sep 25, 2025 | An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor. | |||
| CVE-2025-55551 | 0.00 | — | 0.00 | Sep 25, 2025 | An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation. |
- risk 0.57cvss 9.8epss 0.01
An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit…
- risk 0.57cvss 9.8epss 0.01
A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c.
- risk 0.57cvss 9.8epss 0.01
An out-of-bounds access vulnerability in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit b6b7a16df5e7852d976d8c34c8a7e9a1b6f7d005.
- risk 0.57cvss 9.8epss 0.01
A heap buffer overflow vulnerability in the loading of ExecuTorch models can potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit ede82493dae6d2d43f8c424e7be4721abe5242be
- risk 0.57cvss 9.8epss 0.01
An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit…
- risk 0.57cvss 9.8epss 0.01
An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006.
- risk 0.46cvss 8.1epss 0.00
A heap-buffer-overflow vulnerability in the loading of ExecuTorch methods can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f
- risk 0.41cvss 6.3epss 0.00
In the latest version of pytorch/serve, the script 'upload_results_to_s3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the…
- risk 0.27cvss 5.3epss 0.00
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might…
- risk 0.14cvss 3.3epss 0.00
A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. The manipulation leads to denial of service. It is possible to launch the attack on the local host.…
- CVE-2023-43654Sep 28, 2023risk 0.03cvss —epss 0.35
TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to…
- CVE-2024-48063Oct 29, 2024risk 0.02cvss —epss 0.02
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing.
- CVE-2026-24747Jan 27, 2026risk 0.00cvss —epss 0.01
PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt…
- CVE-2025-63396Nov 12, 2025risk 0.00cvss —epss 0.00
An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch.profiler.profile (PythonTracer) to crash or hang during finalization, leading to a Denial of Service (DoS).
- CVE-2025-55554Sep 25, 2025risk 0.00cvss —epss 0.00
pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().
- CVE-2025-55557Sep 25, 2025risk 0.00cvss —epss 0.00
A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS).
- CVE-2025-46152Sep 25, 2025risk 0.00cvss —epss 0.00
In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument.
- CVE-2025-46149Sep 25, 2025risk 0.00cvss —epss 0.00
In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error.
- CVE-2025-55560Sep 25, 2025risk 0.00cvss —epss 0.00
An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.
- CVE-2025-55551Sep 25, 2025risk 0.00cvss —epss 0.00
An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.