AVID-2026-R1691
Description
PyTorch: torch.load with weights_only=True leads to remote code execution (CVE-2025-32434)
Details
PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In versions 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model using torch.load with weights_only=True. This issue has been patched in version 2.6.0.
Reason for inclusion in AVID: CVE-2025-32434 describes a remote code execution vulnerability in PyTorch (a core AI framework) triggered by loading a model with weights_only=True. This is a software vulnerability in a widely used library that AI systems rely on for model loading, training, and inference, representing a software supply-chain risk in general-purpose AI stacks. There are explicit CVE/NVD references and a public advisory, and a fix exists in a newer version, indicating clear evidence for inclusion in AVID curation.
References
Affected or Relevant Artifacts
- Developer: pytorch
- Deployer: pytorch
- Artifact Details:
| Type | Name |
|---|---|
| System | pytorch |
Impact
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0100: Software Vulnerability
- Lifecycle stages: L06: Deployment
CWE
| ID | Description |
|---|---|
| CWE-502 | CWE-502: Deserialization of Untrusted Data |
Other information
- Report Type: Advisory
- Credits:
- Date Reported: 2025-04-18
- Version: 0.3.3