CVE-2025-55558: A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshr
Summary
CVE-2025-55558 is a buffer overflow (a memory safety error where data is written beyond the intended boundaries) in PyTorch version 2.7.0 that occurs when certain neural network operations are combined and compiled using Inductor, a code compiler. This vulnerability causes a Denial of Service attack (making a service unavailable to users), though no CVSS severity score has been assigned yet.
Vulnerability Details
7.5(high)
EPSS: 0.1%
Classification
Affected Vendors
Related Issues
CVE-2026-24747: PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `wei
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-55558
First tracked: February 15, 2026 at 08:37 PM
Classified by LLM (prompt v3) · confidence: 92%