CVE-2025-32434

Published Apr 18, 2025

Last updated 5 months ago

CVSS critical 9.3
Python
PyTorch

Overview

Description
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model using torch.load with weights_only=True. This issue has been patched in version 2.6.0.
Source: security-advisories@github.com
NVD status: Modified
Products: pytorch

Risk scores

CVSS 4.0

Type: Secondary
Base score: 9.3
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: CRITICAL

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

security-advisories@github.com
CWE-502

Social media

Hype score
Not currently trending
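  1. Must-read for ML engineers. The PyTorch torch.load mitigation "weights_only=True" is defeated by CVE-2025-32434. Arbitrary code execution is possible with a malicious model file. All models from HuggingFace and PyTorch Hub need to be checked. The model trust boundary in the ML pa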

    @aidriven1234

    21 Apr 2026

    151 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. csirt_it: ‼️ #PyTorch: #PoC available for the exploitation of CVE-2025-32434 Risk: 🟠 Type: 🔸Remote Code Execution 🔗 https://t.co/7FI8VJDgKY ⚠ Important to update the affected software https://t.co/bmUbyAArsK

    @Vulcanux_

    20 Mar 2026

    83 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ‼️ #PyTorch: #PoC available for the exploitation of CVE-2025-32434 Risk: 🟠 Type: 🔸Remote Code Execution 🔗 https://t.co/ur8faAscsm ⚠ Important to update the affected software https://t.co/SzNPf4mVo1

    @csirt_it

    20 Mar 2026

    198 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-32434-exploit #exploit #scanner A script for exploiting a vulnerability in PyTorch with subsequent RCE in library versions < 2.6.0 https://t.co/qp2agVQsM7

    @TheExploitLab

    17 Dec 2025

    63 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  5. Critical vulnerability alert for the #AI community. CVE-2025-32434 allows remote code execution via PyTorch's model loading function. This is severe (9.8 CVSS). Read more: 👉 https://t.co/zOAgiDhNvv #Security #Debian https://t.co/9fsJ7UVV1S

    @Cezar_H_Linux

    1 Dec 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Critical RCE vulnerability (CVE-2025-32434, CVSS 9.3) found in PyTorch! https://t.co/02lCkEmG3K

    @NeoRusII

    8 Jul 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. Recently, I’ve been working on a heap overflow exploit. The whole process has been quite interesting, involving some JIT optimization as well. I’d also like to thank my good friends Qu and zraxx for their inspiration. This is also one of the PoCs for CVE-2025-32434. https://

    @azraelxuemo

    3 Jun 2025

    157 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. ⚠️ A critical vulnerability in PyTorch has been discovered. The vulnerability CVE-2025-32434 (rated 9.3) allows malicious code to be executed when an infected AI model is loaded. If you use PyTorch, update to

    @KasperskyKSA

    6 May 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

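  9. Serious PyTorch vulnerability CVE-2025-32434 FIXED: code execution due to inadequate security measures https://t.co/tZK7x71L2v A serious RCE vulnerability with a CVSS score of 9.1 has been discovered in PyTorch, a machine learning library for Python. "weights_only=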

    @iototsecnews

    5 May 2025

    138 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. ⚠️ Critical vulnerability in PyTorch detected CVE-2025-32434 (CVSS 9.3) allows attackers to run code remotely when a malicious AI model is loaded. If you use PyTorch, update to the latest version immediately to stay protected. 🔗 Learn more and secure your system: https:/

    @KasperskyKSA

    28 Apr 2025

    154 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  11. PyTorch, a popular tool for building AI models, turned out to be vulnerable to attacks despite its security measures. The bug identified as CVE-2025-32434 allowed malicious code to be executed when loading models: https://t.co/Ji4SCQe0HN #PyTorch #AI #CVE #CVSS #Microsoft http

    @infosecmedia_

    22 Apr 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Vulnerability in pytorch (torch), high severity with CVSS 9.3; resolved in torch >= 2.6.0 CVE-2025-32434 https://t.co/ve7G44hZeS https://t.co/AD6ASuY8oP

    @fresta_gg

    21 Apr 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. A critical vulnerability (CVE-2025-32434) in PyTorch allows remote code execution even with protections in place. Users should upgrade to 2.6.0 and audit AI models for safety. ⚠️ #PyTorch #AIModels #USA link: https://t.co/ukQSjsbUQ0 https://t.co/gXo1K4yNsS

    @TweetThreatNews

    21 Apr 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. A critical RCE vulnerability (CVE-2025-32434) has been found in PyTorch ≤2.5.1, affecting the torch.load() function. Users should update to version 2.6.0 immediately. ⚠️ #PyTorchUpdate #RemoteCode #USA link: https://t.co/t2VcewJQbW https://t.co/XdRbtVphAL

    @TweetThreatNews

    21 Apr 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Critical vulnerability in PyTorch. CVE-2025-32434 is a remote code execution flaw with a CVSS score of 9.3. It is triggered when torch.load() handles a crafted model file with weights_only=True. Fixed in version 2.6.0. https://t.co/62GqSLH4Ou

    @__kokumoto

    21 Apr 2025

    6625 Impressions

    28 Retweets

    65 Likes

    28 Bookmarks

    0 Replies

    0 Quotes

  16. Critical PyTorch Vulnerability CVE-2025-32434 Allows Remote Code Execution https://t.co/T7JmseLUkj

    @Dinosn

    21 Apr 2025

    2457 Impressions

    3 Retweets

    19 Likes

    5 Bookmarks

    0 Replies

    1 Quote

  17. 🚨 CVE-2025-32434 ⚠️🔴 CRITICAL (9.3) 🏢 pytorch - pytorch 🏗️ < 2.6.0 🔗 https://t.co/3CXH8n7NHn #CyberCron #VulnAlert #InfoSec https://t.co/mlq7tLQyL3

    @cybercronai

    19 Apr 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. CVE-2025-32434 Remote Command Execution in PyTorch Before 2.6.0 via Torch Load Mechanism https://t.co/wJsyOveSwF

    @VulmonFeeds

    19 Apr 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations