CVE-2025-2149

Low CVSS: 2.0

A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnq_Sigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zero_point leads to improper initialization. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Vendor

Linuxfoundation

Product

Pytorch

CWE

CWE-665

Yayın Tarihi

2025-03-10 13:15:36

Güncelleme

2026-02-24 18:52:49

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-665 Pytorch LOW Linuxfoundation 2025

Referanslar

https://github.com/pytorch/pytorch/issues/147818 https://github.com/pytorch/pytorch/issues/147818#issue-2877301660 https://vuldb.com/?ctiid.299060 https://vuldb.com/?id.299060 https://vuldb.com/?submit.506563 https://github.com/pytorch/pytorch/issues/147818 https://github.com/pytorch/pytorch/issues/147818#issue-2877301660

Benzer Kayıtlar

High

CVE-2026-27489

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0,…

Critical

CVE-2026-33701

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. I…

Medium

CVE-2026-33015

EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop…

High

CVE-2026-33009

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to C++ UB (potential memo…

Medium

CVE-2026-33014

EVerest is an EV charging software stack. Prior to version 2026.02.0, during RemoteStop processing, a delayed authorizat…

Medium

CVE-2026-27815

EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_session_setup cop…