CVE-2026-4538 - Vulnerability Details

- PyTorch pt2 Loading deserialization

Description

A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through a pull request but has not reacted yet.

Published: 2026-03-22

Score: 4.8 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability exists in PyTorch 2.10.0 within the pt2 Loading Handler. An attacker can manipulate the deserialization process, potentially leading to code execution or other local impacts. The weakness aligns with input validation and unsafe deserialization classes. Attack is limited to local environments and the exploit is publicly available, as indicated by the project’s early notification. The described impact is moderate but could allow an attacker with local access to compromise the system.

Affected Systems

PyTorch version 2.10.0 is affected. The vendor is PyTorch. The issue is confined to the pt2 Loading Handler component. Any installation of this version that loads or deserializes data through this handler is vulnerable. There is no further version detail provided; newer releases may be unaffected.

Risk and Exploitability

The CVSS score of 4.8 indicates a moderate severity. EPSS is not available, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is local, requiring an attacker with access to the host; however, the publicly available exploit demonstrates that a local attacker could leverage the deserialization flaw. While the risk is limited to the local environment, the potential for arbitrary code execution within that context warrants prompt attention.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

PyTorch

affected

Version	Status	Constraints
`2.10.0`	affected	—

No data.

Vendor Product Confidence Versions

Pytorch

90%

Version	Status	Scheme	Platform
`2.10.0`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Verify if you are running PyTorch 2.10.0 and, if so, upgrade to the latest patched release. If an upgrade is not possible, limit local user privileges and consider disabling the pt2 loading handler or restricting its use. Apply file permission controls to prevent unauthorized modification of serialization inputs. Monitor system logs for unusual deserialization activity and stay updated on any new security advisories from PyTorch.

Generated by OpenCVE AI on March 22, 2026 at 05:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/pytorch/pytorch/
https://github.com/pytorch/pytorch/pull/176791
https://nvd.nist.gov/vuln/detail/CVE-2026-4538
https://vuldb.com/?ctiid.352326
https://vuldb.com/?id.352326
https://vuldb.com/?submit.774681
https://www.cve.org/CVERecord?id=CVE-2026-4538

History

Mon, 23 Mar 2026 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 23 Mar 2026 12:15:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2026-4538 https://www.cve.org/CVERecord?id=CVE-2026-4538
Metrics	threat_severity `None`	threat_severity `Moderate`

Mon, 23 Mar 2026 10:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Pytorch Pytorch pytorch
Vendors & Products		Pytorch Pytorch pytorch

Sun, 22 Mar 2026 04:30:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through a pull request but has not reacted yet.
Title		PyTorch pt2 Loading deserialization
Weaknesses		CWE-20 CWE-502
References		https://github.com/pytorch/pytorch/ https://github.com/pytorch/pytorch/pull/176791 https://vuldb.com/?ctiid.352326 https://vuldb.com/?id.352326 https://vuldb.com/?submit.774681
Metrics		cvssV2_0 `{'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Pytorch Pytorch

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-03-22T04:20:28.356Z

Updated: 2026-03-23T16:21:46.022Z

Reserved: 2026-03-21T08:13:45.702Z

Link: CVE-2026-4538

Vulnrichment

Updated: 2026-03-23T16:21:41.788Z

NVD

Status : Awaiting Analysis

Published: 2026-03-22T05:16:20.273

Modified: 2026-03-23T14:31:37.267

Link: CVE-2026-4538

Redhat

Severity : Moderate

Publid Date: 2026-03-22T04:20:28Z

Links: CVE-2026-4538 - Bugzilla

OpenCVE Enrichment

Updated: 2026-03-25T14:46:38Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object