Buffer Overflow Vulnerabilities in ExecuTorch by PyTorch
CVE-2025-54951

9.8CRITICAL

Key Information:

Vendor: Meta Platforms, Inc
Status: Executorch
Vendor: CVE Published:; 7 August 2025

🔔 Create Meta Platforms, Inc Vulnerability Alert

What is CVE-2025-54951?

ExecuTorch suffers from a series of buffer overflow vulnerabilities that occur during the loading of its models. These vulnerabilities can lead to runtime crashes, potentially allowing malicious actors to execute arbitrary code or cause other adverse effects on system operations. The issue specifically impacts versions of ExecuTorch released before commit cea9b23aa8ff78aff92829a466da97461cc7930c.

Affected Version(s)

ExecuTorch 0

References

https://www.facebook.com/security/advisories/cve-2025-54951

x_refsource_CONFIRM

https://github.com/pytorch/executorch/commit/cea9b23aa8ff...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 7, 2025