Home > Vulnerability Database > CVE-2025-54952

Mend.io Vulnerability Database

CVE-2025-54952

Date: August 7, 2025

An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.

Severity Score

9.8

Related Resources (5)

Url: https://www.facebook.com/security/advisories/cve-2025-54952

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-54952

Url: https://github.com/pytorch/executorch

Url: https://github.com/pytorch/executorch/commit/8f062d3f661e20bb19b24b767b9a9a46e8359f2b

Url: https://www.mend.io/vulnerability-database/CVE-2025-54952

Severity Score

9.8

Weakness Type (CWE)

Integer Overflow to Buffer Overflow

CWE-680

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-54952

Date: August 7, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?