Denial of Service Vulnerability in PyTorch Inductor Compilation
CVE-2025-55557

7.5HIGH

Key Information:

Vendor

PyTorch

Status
Vendor
CVE Published:
25 September 2025

What is CVE-2025-55557?

A vulnerability exists in PyTorch v2.7.0 related to a Name Error that occurs during the Inductor compilation of a model utilizing the torch.cummin function. This issue can result in Denial of Service (DoS), rendering the application inoperable under specific conditions. Users should take caution when deploying models using this configuration until a patch is provided.

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.