Sign In

CVE-2026-4538

ADVISORY - nist

Summary

A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through a pull request but has not reacted yet.

EPSS Score: 0.00023 (0.065)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-20

Improper Input Validation

CWE-502

Deserialization of Untrusted Data

ADVISORY - redhat

CWE-502

Deserialization of Untrusted Data

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in