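This page lists publicly disclosed CVE vulnerabilities affecting linuxfoundation pytorch (associated via NVD CPE). Each row includes a severity score, a summary, and the publication date, to help identify and analyze security issues.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |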
|---|---|---|---|---|---|---|
| CVE-2026-4538 | A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through a pull request but has not reacted yet. | [email protected] | 1.9 | 0.02% | 2026-03-22 | 2026-04-29 |
| CVE-2026-24747 | PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue. | [email protected] | 8.8 | 0.05% | 2026-01-27 | 2026-01-30 |
| CVE-2025-63396 | An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch.profiler.profile (PythonTracer) to crash or hang during finalization, leading to a Denial of Service (DoS). | [email protected] | 3.3 | 0.02% | 2025-11-12 | 2026-01-02 |
| CVE-2025-55560 | An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor. | [email protected] | 7.5 | 0.16% | 2025-09-25 | 2025-10-14 |
| CVE-2025-55558 | A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a Denial of Service (DoS). | [email protected] | 7.5 | 0.05% | 2025-09-25 | 2025-10-03 |
| CVE-2025-55557 | A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS). | [email protected] | 7.5 | 0.05% | 2025-09-25 | 2025-10-03 |
| CVE-2025-55554 | pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long(). | [email protected] | 5.3 | 0.06% | 2025-09-25 | 2025-10-03 |
| CVE-2025-55553 | A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS). | [email protected] | 7.5 | 0.05% | 2025-09-25 | 2025-10-03 |
| CVE-2025-55552 | pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together. | [email protected] | 7.5 | 0.05% | 2025-09-25 | 2025-10-03 |
| CVE-2025-55551 | An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation. | [email protected] | 7.5 | 0.05% | 2025-09-25 | 2025-10-03 |
| CVE-2025-46153 | PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True. | [email protected] | 5.3 | 0.06% | 2025-09-25 | 2025-10-03 |
| CVE-2025-46152 | In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument. | [email protected] | 5.3 | 0.05% | 2025-09-25 | 2025-10-03 |
| CVE-2025-46150 | In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results. | [email protected] | 5.3 | 0.05% | 2025-09-25 | 2025-10-03 |
| CVE-2025-46149 | In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error. | [email protected] | 5.3 | 0.02% | 2025-09-25 | 2025-10-03 |
| CVE-2025-46148 | In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistance(p=2) produces incorrect results. | [email protected] | 5.3 | 0.05% | 2025-09-25 | 2025-10-03 |
| CVE-2025-32434 | PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model using torch.load with weights_only=True. This issue has been patched in version 2.6.0. | [email protected] | 9.3 | 0.43% | 2025-04-18 | 2025-12-01 |
| CVE-2025-3730 | A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctc_loss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The name of the patch is 46fc5d8e360127361211cb237d5f9eef0223e567. It is recommended to apply a pa | [email protected] | 4.8 | 0.01% | 2025-04-16 | 2025-05-28 |
| CVE-2025-3136 | A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | [email protected] | 4.8 | 0.06% | 2025-04-03 | 2025-05-28 |
| CVE-2025-3121 | A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | [email protected] | 4.8 | 0.09% | 2025-04-02 | 2025-05-27 |
| CVE-2025-3001 | A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | [email protected] | 4.8 | 0.15% | 2025-03-31 | 2025-05-29 |