All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
This paper presents ASGA, a method for creating adversarial attacks (small, crafted changes meant to trick AI models) on video action recognition systems (AI models that identify what actions people are performing in videos). The key innovation is that attackers can compute perturbations (the malicious changes) just once on important keyframes (selected frames that represent the video's content), then replicate these changes across the entire video, making the attack work even when the model samples frames differently and reducing computational cost.
PyTorch version 2.7.0 has a vulnerability (CVE-2025-55560) that causes a Denial of Service (DoS, where a system becomes unavailable or unresponsive) when a model uses specific sparse tensor functions (torch.Tensor.to_sparse() and torch.Tensor.to_dense()) and is compiled by Inductor (PyTorch's code compilation tool). This issue stems from uncontrolled resource consumption, meaning the system uses up too many computing resources.
CVE-2025-55559 is a vulnerability in TensorFlow v2.18.0 where setting the padding parameter to 'valid' in tf.keras.layers.Conv2D (a layer used in neural networks for image processing) causes a Denial of Service (DoS, where a system becomes unavailable to users). The vulnerability is classified as uncontrolled resource consumption, meaning the system uses up resources like memory or CPU in an uncontrolled way.
CVE-2025-55558 is a buffer overflow (a memory safety error where data is written beyond the intended boundaries) in PyTorch version 2.7.0 that occurs when certain neural network operations are combined and compiled using Inductor, a code compiler. This vulnerability causes a Denial of Service attack (making a service unavailable to users), though no CVSS severity score has been assigned yet.
PyTorch version 2.7.0 has a bug where a name error occurs when a model uses torch.cummin (a function that finds cumulative minimum values) and is compiled by Inductor (PyTorch's compiler for optimizing code). This causes a Denial of Service (DoS, where a system becomes unavailable to users).
TensorFlow v2.18.0 has a bug where the Embedding function (a neural network layer that converts words or items into numerical representations) produces random results when compiled, causing applications to behave unexpectedly. The issue is tracked as CVE-2025-55556 and has a severity rating that is still being assessed.
PyTorch version 2.8.0 contains an integer overflow vulnerability (a bug where a number gets too large for its storage space and wraps around to an incorrect value) in the torch.nan_to_num function when using the .long() method. The vulnerability is tracked as CVE-2025-55554, though a detailed severity rating has not yet been assigned by NIST.
CVE-2025-55553 is a syntax error in the proxy_tensor.py file of PyTorch version 2.7.0 that allows attackers to cause a Denial of Service (DoS, a type of attack where a system becomes unavailable to legitimate users). The vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 4.0, indicating moderate severity.
PyTorch v2.8.0 has a vulnerability (CVE-2025-55552) where two functions, torch.rot90 (which rotates arrays) and torch.randn_like (which generates random numbers matching a given shape), behave unexpectedly when used together, possibly due to integer overflow or wraparound (where numbers wrap around to negative values instead of staying large).
A vulnerability (CVE-2025-55551) exists in PyTorch version 2.8.0 in a math component called torch.linalg.lu that allows attackers to cause a Denial of Service (DoS, where a system becomes unavailable to users) by performing a slice operation (extracting a portion of data). The issue involves uncontrolled resource consumption (CWE-400, where a program uses too much memory or processing power without limits).
PyTorch versions before 3.7.0 have a bug in the bernoulli_p decompose function (a mathematical operation used in the dropout layers) that doesn't work the same way as the main CPU implementation, causing problems with nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d when fallback_random=True (a setting that uses random number generation as a backup method).
CVE-2025-46152 is a bug in PyTorch (a machine learning library) versions before 2.7.0 where the bitwise_right_shift function (which moves binary digits to the right) produces wrong answers when given certain out-of-bounds values. This is classified as an out-of-bounds write vulnerability (CWE-787, where a program writes data outside its intended memory area).
CVE-2025-46150 is a bug in PyTorch (a machine learning framework) versions before 2.7.0 where FractionalMaxPool2d (a function that reduces image dimensions) produces inconsistent results when torch.compile (a performance optimization tool) is used. The issue causes the function to give different outputs under the same conditions, which is problematic for machine learning models that need reproducible, reliable results.
CVE-2025-46149 is a bug in PyTorch (a machine learning library) versions before 2.7.0 where the nn.Fold function crashes with an assertion error when inductor (PyTorch's code optimization tool) is used. This is classified as a reachable assertion vulnerability, meaning the code reaches a safety check that fails unexpectedly.
PyTorch versions up to 2.6.0 have a bug where the nn.PairwiseDistance function (a tool that calculates distances between pairs of data points) produces wrong answers when using the p=2 parameter in eager mode (the default execution method). This is a correctness issue, meaning the calculation gives incorrect numerical results rather than causing a security breach.
Claude Code is a tool that uses AI to help write code, and it had a security flaw in versions before 1.0.39 where Yarn plugins (add-ons for a package manager) would run automatically when checking the version, bypassing Claude Code's trust dialog (a safety check asking users to confirm they trust a directory before working in it). This only affected users with Yarn versions 2.0 and newer, not those using the older Yarn Classic.
This research studies federated learning (FL, a method where multiple devices collaboratively train an AI model without sending their data to a central server) on real IoT and edge devices (small computing devices like phones and sensors) rather than in simulated environments. The study examines how FL performs in realistic conditions, focusing on heterogeneous scenarios (situations where devices have different computing power, network speeds, and data types), and provides insights to help researchers and practitioners build more practical FL systems.
Fix: Upgrade PyTorch to version 2.7.0 or later.
NVD/CVE DatabaseFix: Upgrade to PyTorch version 2.7.0 or later.
NVD/CVE DatabaseFix: Upgrade to PyTorch version 2.7.0 or later.
NVD/CVE DatabaseHecate is a framework for anonymous credentials (a system allowing users to prove they have certain attributes without revealing their identity) that adds protection for verifiers, the entities checking credentials, while maintaining threshold issuance (requiring multiple parties to approve a credential) and issuer-hiding (hiding which organization issued the credential). The system uses a dual-credential design to let both verifiers and users set policies about who can access information, and testing shows it can verify credentials quickly, in about 37-60 milliseconds.
Silent Data Corruption (SDC, where a computer system produces wrong outputs without alerting anyone) is a growing problem in modern chip designs, but current detection methods are inefficient or inaccurate. Researchers proposed VP-HPKG, a new approach that uses a knowledge graph (a map of how instructions relate to each other) combined with neural network techniques to predict which instructions are vulnerable to SDC and detect error propagation paths more efficiently than existing methods.
Fix: Update Claude Code to version 1.0.39 or later. Users with auto-update enabled will have received the fix automatically. Users updating manually should update to the latest version.
NVD/CVE DatabaseMultiple AI coding agents (like GitHub Copilot and Claude Code) can write to each other's configuration files, allowing one compromised agent to modify another agent's settings through an indirect prompt injection (tricking an AI by hiding malicious instructions in its input). This creates a cross-agent privilege escalation, where one agent can 'free' another by giving it additional capabilities to break out of its sandbox (an isolated environment limiting what software can do) and execute arbitrary code.