AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-3121: A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module

lowvulnerability

security

Source: NVD/CVE DatabaseApril 2, 2025CVE-2025-3121

Summary

CVE-2025-3121 is a memory corruption vulnerability (where a program accidentally writes data to wrong memory locations) found in PyTorch 2.6.0, specifically in the torch.jit.jit_module_from_flatbuffer function. An attacker with local access (meaning they can run code on the same computer) could exploit this vulnerability, and the exploit details have been publicly disclosed.

Vulnerability Details

CVSS Score

3.3(low)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationModerate

Impact (CIA+S)

availability

AI Component TargetedFramework

Taxonomy References

CWE (Weakness Type)

CWE-119

CAPEC (Attack Pattern)

CAPEC-100

Affected Vendors

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-3121

First tracked: February 15, 2026 at 08:37 PM

Classified by LLM (prompt v3) · confidence: 85%