AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-3001: A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_ce

mediumvulnerability

security

Source: NVD/CVE DatabaseMarch 31, 2025CVE-2025-3001

Summary

PyTorch 2.6.0 contains a critical vulnerability (CVE-2025-3001) in the torch.lstm_cell function that causes memory corruption (damage to data stored in a computer's memory) through local manipulation. The vulnerability requires local access to exploit and has been publicly disclosed.

Vulnerability Details

CVSS Score

5.3(medium)

EPSS (30-day exploit probability)

EPSS: 0.2%

Classification

Attack SophisticationModerate

Impact (CIA+S)

integrity

AI Component TargetedFramework

Taxonomy References

CWE (Weakness Type)

CWE-119

CAPEC (Attack Pattern)

CAPEC-100

Affected Vendors

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-3001

First tracked: February 15, 2026 at 08:37 PM

Classified by LLM (prompt v3) · confidence: 95%