CVE-2025-2953: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is t
lowvulnerability
security
Summary
A vulnerability in PyTorch 2.6.0+cu124 affects the torch.mkldnn_max_pool2d function, a component used for processing image data. The vulnerability can cause a denial of service (making a system unavailable), but requires local access to the machine. The vulnerability's real existence is still disputed.
Vulnerability Details
CVSS Score
3.3(low)
EPSS (30-day exploit probability)
EPSS: 0.1%
Classification
Attack Type
DoS
Attack SophisticationModerate
Impact (CIA+S)
availability
AI Component TargetedFramework
Taxonomy References
CWE (Weakness Type)
Affected Vendors
Related Issues
mediumlow
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
Similar attackNVD/CVE Database
CVE-2021-29541: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null p
Similar attack
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-2953
First tracked: February 15, 2026 at 08:37 PM
Classified by LLM (prompt v3) · confidence: 85%