CVE-2026-24747

EUVD-2026-4738
PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
linuxfoundationpytorch
𝑥
< 2.10.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
pytorch
bookworm
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
vulnerable
sid
vulnerable
trixie
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
pytorch
jammy
needs-triage
noble
dne
questing
needs-triage
Common Weakness Enumeration
References
https://github.com/pytorch/pytorch/163122/commit/954dc5183ee9205cbe79876ad05dd2d9ae752139
https://github.com/pytorch/pytorch/issues/163105
https://github.com/pytorch/pytorch/releases/tag/v2.10.0
https://github.com/pytorch/pytorch/security/advisories/GHSA-63cw-57p8-fm3p