CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2025-20765
https://notcve.org/view.php?id=CVE-2025-20765
02 Dec 2025 — In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10190802; Issue ID: MSV-4833. • https://corp.mediatek.com/product-security-bulletin/December-2025 • CWE-415: Double Free •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46148
https://notcve.org/view.php?id=CVE-2025-46148
25 Sep 2025 — In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistance(p=2) produces incorrect results. • https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46149
https://notcve.org/view.php?id=CVE-2025-46149
25 Sep 2025 — In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error. • https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a • CWE-617: Reachable Assertion •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46150
https://notcve.org/view.php?id=CVE-2025-46150
25 Sep 2025 — In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results. • https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46152
https://notcve.org/view.php?id=CVE-2025-46152
25 Sep 2025 — In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument. • https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46153
https://notcve.org/view.php?id=CVE-2025-46153
25 Sep 2025 — PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True. • https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a • CWE-1176: Inefficient CPU Computation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55551
https://notcve.org/view.php?id=CVE-2025-55551
25 Sep 2025 — An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation. • https://gist.github.com/shaoyuyoung/0e7d2a586297ae9c8ed14d8706749efc • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55552
https://notcve.org/view.php?id=CVE-2025-55552
25 Sep 2025 — pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together. • https://gist.github.com/shaoyuyoung/0e7d2a586297ae9c8ed14d8706749efc • CWE-190: Integer Overflow or Wraparound CWE-682: Incorrect Calculation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55553
https://notcve.org/view.php?id=CVE-2025-55553
25 Sep 2025 — A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS). • https://gist.github.com/shaoyuyoung/0e7d2a586297ae9c8ed14d8706749efc • CWE-248: Uncaught Exception •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55554
https://notcve.org/view.php?id=CVE-2025-55554
25 Sep 2025 — pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long(). • https://gist.github.com/shaoyuyoung/0e7d2a586297ae9c8ed14d8706749efc • CWE-190: Integer Overflow or Wraparound •