CVE-2025-32434 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-32434 PUBLISHED

PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model using torch.load with weights_only=True. This issue has been patched in version 2.6.0.

EPSS 1.22% · 79.0th percentile

Risk Scores

EPSS Score

1.22%

79.0th percentile

Affected Products

Vendor	Product	Versions
Bitnami	pytorch	0
Bitnami	pytorch	0

Timeline

Jan 21, 1970 Security Advisory
Apr 18, 2025 CVE Published
Apr 19, 2025 EPSS Score
May 1, 2025 EPSS Score
May 12, 2025 EPSS Score
May 24, 2025 EPSS Score
May 28, 2025 Coalition ESS Score
Jun 5, 2025 EPSS Score
Jun 28, 2025 EPSS Score
Jul 10, 2025 EPSS Score
Jul 22, 2025 EPSS Score
Aug 3, 2025 EPSS Score

References

Open in Interactive Console →