CVE-2026-24747 HIGH

CVE-2026-24747: PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

Vendor Pytorch

Product pytorch

Weakness CWE-502 · Unsafe deserialization

Published January 27, 2026

Last update June 30, 2026

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue.

Key dates

02Disclosure timeline

January 27, 2026 CVE published

June 30, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-24747 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/502.html

Related vulnerabilities

04Related CVE

CVE-2024-11947 GFI Archiver Core Service Deserialization of Untrusted Data Remote Code Execution Vulnerability CVE-2025-24777 WordPress Hillter theme <= 3.0.7 - PHP Object Injection Vulnerability CVE-2025-15351 Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability CVE-2024-39636 WordPress Better Find and Replace plugin <= 1.6.1 - PHP Object Injection vulnerability CVE-2023-34434 Apache InLong: JDBC URL bypassing by allowLoadLocalInfileInPath param