CVE-2025-30405CRITICAL 9.8EPSS p42.7%

CVE-2025-30405CVE-2025-30405

Description

An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.57% probability of exploitation · percentile 42.7% · 2026-06-18T12:00:27Z
Published2025-08-07
Last modified2026-04-15

Underlying weaknesses· 1

CWE-190

References

  1. https://github.com/pytorch/executorch/commit/0830af8207240df8d7f35b984cdf8bc35d74fa73
  2. https://www.facebook.com/security/advisories/cve-2025-30405

1

TypeTargetConfidenceTier
WeaknessInteger Overflow or Wraparoundcwe-1900%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-30404
CVE
CVE-2025-54952
CVE
CVE-2025-30402
CVE
CVE-2025-54950
CVE
CVE-2025-54949
CVE
CVE-2025-54951
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.