CVE-2025-54949

CRITICAL

Pypi Executorch < 0.7.0 - Heap Buffer Overflow

Title source: rule

Description

A heap buffer overflow vulnerability in the loading of ExecuTorch models can potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit ede82493dae6d2d43f8c424e7be4721abe5242be.

Scores

CVSS v3 9.8
EPSS 0.0024
EPSS Percentile 47.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-122
Status published
Products (4)
Meta Platforms, Inc/ExecuTorch < https://github.com/pytorch/executorch/commit/ede82493dae6d2d43f8c424e7be4721abe5242be
org.pytorch/executorch-android 0 - 0.7.0 (Maven)
pypi/executorch 0 - 0.7.0 (PyPI)
SwiftURL/executorch 0 - 0.7.0 (SwiftURL)
Published Aug 07, 2025
Tracked Since Feb 18, 2026