Browse all 7 CVE security advisories affecting pytorch. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PyTorch is an open-source machine learning framework used primarily for developing and training deep learning models. Historically, vulnerabilities affecting the framework have included remote code execution, cross-site scripting, and privilege escalation risks, with seven CVEs currently documented. While no major security incidents have been widely reported, the framework's extensive use in production environments makes regular security updates necessary. Its dynamic computation graph and Python integration introduce potential attack surfaces, particularly when loading untrusted models. Security researchers have identified insecure deserialization and improper input validation issues in past versions, which underlines the importance of dependency management and sandboxing when deploying PyTorch-based applications.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-24747 | PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files (pytorch, CWE-502) | 8.8 | High | 2026-01-27 |
| CVE-2025-32434 | PyTorch: `torch.load` with `weights_only=True` leads to remote code execution (pytorch, CWE-502) | 8.8 | - | 2025-04-18 |
| CVE-2024-6577 | Unclaimed S3 Bucket Usage in pytorch/serve (pytorch/serve, CWE-840) | 9.1 | - | 2025-03-20 |
| CVE-2024-35198 | TorchServe bypass allowed_urls configuration (serve, CWE-706) | 9.8 | Critical | 2024-07-18 |
| CVE-2024-35199 | TorchServe gRPC Port Exposure (serve, CWE-668) | 8.2 | High | 2024-07-18 |
| CVE-2023-48299 | TorchServe ZipSlip (serve, CWE-22) | 5.3 | Medium | 2023-11-21 |
| CVE-2023-43654 | TorchServe Server-Side Request Forgery (serve, CWE-918) | 10.0 | Critical | 2023-09-28 |

This page lists every published CVE security advisory associated with pytorch. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.