Integer Overflow Vulnerability in ExecuTorch Affects Model Loading
CVE-2025-30405

Currently unrated

Key Information:

Vendor: Meta Platforms, Inc
Status: Executorch
Vendor: CVE Published:; 7 August 2025

🔔 Create Meta Platforms, Inc Vulnerability Alert

What is CVE-2025-30405?

An integer overflow vulnerability exists in the loading process of ExecuTorch models, potentially allowing objects to be placed outside of their designated memory boundaries. This weakness can lead to unforeseen code execution and other adverse effects. Users are advised to update to the latest version to mitigate the risks associated with this vulnerability.

Affected Version(s)

ExecuTorch 0

References

https://www.facebook.com/security/advisories/cve-2025-30405

x_refsource_CONFIRM

https://github.com/pytorch/executorch/commit/0830af820724...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 7, 2025
Vulnerability Reserved
Mar 21, 2025