CVE-2025-30404CRITICAL 9.8EPSS p42.7%

CVE-2025-30404CVE-2025-30404

Description

An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.57% probability of exploitation · percentile 42.7% · 2026-06-19T12:03:05Z
Published2025-08-07
Last modified2026-04-15

Underlying weaknesses· 1

CWE-190

References

  1. https://github.com/pytorch/executorch/commit/d158236b1dc84539c1b16843bc74054c9dcba006
  2. https://www.facebook.com/security/advisories/cve-2025-30404

1

TypeTargetConfidenceTier
WeaknessInteger Overflow or Wraparoundcwe-1900%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-30405
CVE
CVE-2025-30402
CVE
CVE-2025-54952
CVE
CVE-2025-54949
CVE
CVE-2025-54950
CVE
CVE-2025-54951
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.