Pytorch
AI Threat Alert tracks 4 known AI/ML vulnerabilities affecting Pytorch products — each enriched with CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis. Browse every Pytorch CVE below, sorted by severity and recency.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| CRITICAL | CVE-2023-43654 | TorchServe: SSRF + RCE via unrestricted model URL loading | torchserve | 9.8 |
| MEDIUM | CVE-2023-48299 | TorchServe: ZipSlip arbitrary file write via model upload | torchserve | 5.3 |
| CRITICAL | CVE-2024-35198 | TorchServe: URL bypass enables arbitrary model loading | torchserve | 9.8 |
| HIGH | CVE-2024-35199 | TorchServe: default gRPC exposure allows unauth inference | torchserve | 8.2 |
Frequently asked questions
How many known vulnerabilities affect Pytorch?
4 AI/ML CVEs affecting Pytorch products are tracked, sourced from NVD and GitHub Advisory.
What Pytorch products are affected?
The CVEs below map to the Pytorch AI/ML packages and tools tracked by AI Threat Alert; open any CVE to see the affected components and versions.
Where does the Pytorch vulnerability data come from?
Data is sourced from NVD and GitHub Advisory, then enriched with CVSS severity, EPSS exploit probability, and patch status for each CVE.
How can I monitor Pytorch for new vulnerabilities?
AI Threat Alert tracks Pytorch continuously; a Pro subscription adds breaking alerts when new CVEs affecting Pytorch are published.
How do I assess Pytorch's security exposure?
Each CVE below carries CVSS severity and exploitation signals, so you can review the highest-severity Pytorch issues first and judge the exposure for your stack.