PyTorch (Python) – Support, CVEs & Health

Security

Known Vulnerabilities

10 active CVEs reported via OSV.dev

GHSA-3749-ghw9-m3mg CVSS_V3

PyTorch susceptible to local Denial of Service

Published: 2025-03-30 Fixed in: 2.7.1-rc1

GHSA-47fc-vmwq-366v CVSS_V3

PyTorch vulnerable to arbitrary code execution

Published: 2022-11-26 Fixed in: 1.13.1

GHSA-53q9-r3pm-6pq6 CVSS_V4

PyTorch: `torch.load` with `weights_only=True` leads to remote code execution

Published: 2025-04-18 Fixed in: 2.6.0

GHSA-5pcm-hx3q-hm94 CVSS_V3

PyTorch heap buffer overflow vulnerability

Published: 2024-04-17 Fixed in: 2.2.0

GHSA-887c-mr87-cxwp CVSS_V3

PyTorch Improper Resource Shutdown or Release vulnerability

Published: 2025-04-16 Fixed in: 2.8.0

GHSA-pg7h-5qx3-wjr3 CVSS_V3

Pytorch use-after-free vulnerability

Published: 2024-04-17 Fixed in: 2.2.0

PYSEC-2022-43015 Unknown

Published: 2022-11-26 Fixed in: 767f6aa49fe20a2766b9843d01e3b7f7793df6a3

PYSEC-2024-250 Unknown

Published: 2024-04-19 Fixed in: 7c35874ad664e74c8e4252d67521f3986eadb0e6

PYSEC-2024-251 Unknown

Published: 2024-04-17 Fixed in: 9c7071b0e324f9fb68ab881283d6b8d388a4bcd2

PYSEC-2024-252 Unknown

Published: 2024-04-17 Fixed in: b5c3a17c2c207ebefcb85043f0cf94be9b2fef81