AI Sec Watch

PyTorch version 2.7.0 has a bug where a name error occurs when a model uses torch.cummin (a function that finds cumulative minimum values) and is compiled by Inductor (PyTorch's compiler for optimizing code). This causes a Denial of Service (DoS, where a system becomes unavailable to users).

TensorFlow v2.18.0 has a bug where the Embedding function (a neural network layer that converts words or items into numerical representations) produces random results when compiled, causing applications to behave unexpectedly. The issue is tracked as CVE-2025-55556 and has a severity rating that is still being assessed.

PyTorch version 2.8.0 contains an integer overflow vulnerability (a bug where a number gets too large for its storage space and wraps around to an incorrect value) in the torch.nan_to_num function when using the .long() method. The vulnerability is tracked as CVE-2025-55554, though a detailed severity rating has not yet been assigned by NIST.

CVE-2025-55553 is a syntax error in the proxy_tensor.py file of PyTorch version 2.7.0 that allows attackers to cause a Denial of Service (DoS, a type of attack where a system becomes unavailable to legitimate users). The vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 4.0, indicating moderate severity.

PyTorch v2.8.0 has a vulnerability (CVE-2025-55552) where two functions, torch.rot90 (which rotates arrays) and torch.randn_like (which generates random numbers matching a given shape), behave unexpectedly when used together, possibly due to integer overflow or wraparound (where numbers wrap around to negative values instead of staying large).

A vulnerability (CVE-2025-55551) exists in PyTorch version 2.8.0 in a math component called torch.linalg.lu that allows attackers to cause a Denial of Service (DoS, where a system becomes unavailable to users) by performing a slice operation (extracting a portion of data). The issue involves uncontrolled resource consumption (CWE-400, where a program uses too much memory or processing power without limits).

PyTorch versions before 3.7.0 have a bug in the bernoulli_p decompose function (a mathematical operation used in the dropout layers) that doesn't work the same way as the main CPU implementation, causing problems with nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d when fallback_random=True (a setting that uses random number generation as a backup method).

CVE-2025-46152 is a bug in PyTorch (a machine learning library) versions before 2.7.0 where the bitwise_right_shift function (which moves binary digits to the right) produces wrong answers when given certain out-of-bounds values. This is classified as an out-of-bounds write vulnerability (CWE-787, where a program writes data outside its intended memory area).

CVE-2025-46150 is a bug in PyTorch (a machine learning framework) versions before 2.7.0 where FractionalMaxPool2d (a function that reduces image dimensions) produces inconsistent results when torch.compile (a performance optimization tool) is used. The issue causes the function to give different outputs under the same conditions, which is problematic for machine learning models that need reproducible, reliable results.