Integer Overflow Vulnerability in PyTorch by Meta
CVE-2025-55554

5.3MEDIUM

Key Information:

Vendor: Meta
Status: PyTorch
Vendor: CVE Published:; 25 September 2025

What is CVE-2025-55554?

A newly identified vulnerability in version 2.8.0 of PyTorch has been found to exhibit an integer overflow in the function torch.nan_to_num-.long(). This flaw can potentially lead to unexpected behavior during mathematical operations, possibly allowing malicious actors to trigger data corruption or execute arbitrary code in certain conditions. Users of this specific version are urged to apply necessary updates or patches to mitigate the risk associated with this vulnerability.

References

https://github.com/pytorch/pytorch/issues/151510

https://gist.github.com/shaoyuyoung/0e7d2a586297ae9c8ed14...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 25, 2025
Vulnerability Reserved
Aug 13, 2025

JSON