{"data":{"id":"f792b627-4a8b-4aba-8f38-8977ac28ae8c","title":"CVE-2025-2148: A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is th","summary":"A critical vulnerability (CVE-2025-2148) was found in PyTorch 2.6.0+cu124 in a function called torch.ops.profiler._call_end_callbacks_on_jit_fut that handles tuples (groups of related data). When the function receives a None argument (a placeholder for \"no value\"), it causes memory corruption (where data stored in memory gets damaged or overwritten), and the attack can be launched remotely. However, the exploit is difficult to carry out and requires user interaction.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-2148","publishedAt":"2025-03-10T16:15:12.617Z","cveId":"CVE-2025-2148","cweIds":["CWE-119"],"cvssScore":"5","cvssSeverity":"medium","severity":"medium","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["PyTorch"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00155,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-100"],"crossRefCount":0,"attackSophistication":"advanced","impactType":["integrity","confidentiality"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}