AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-46149: In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error.

mediumvulnerability

security

Source: NVD/CVE DatabaseSeptember 25, 2025CVE-2025-46149

Summary

CVE-2025-46149 is a bug in PyTorch (a machine learning library) versions before 2.7.0 where the nn.Fold function crashes with an assertion error when inductor (PyTorch's code optimization tool) is used. This is classified as a reachable assertion vulnerability, meaning the code reaches a safety check that fails unexpectedly.

Solution / Mitigation

Upgrade to PyTorch version 2.7.0 or later.

Vulnerability Details

CVSS Score

5.3(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Impact (CIA+S)

availability

AI Component TargetedFramework

Taxonomy References

CWE (Weakness Type)

CWE-617

Affected Vendors

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-46149

First tracked: February 15, 2026 at 08:37 PM

Classified by LLM (prompt v3) · confidence: 85%