Which versions of Pytorch are affected by CVE-2026-4538?

Organizations using A vulnerability should be aware of moderate risk from CVE-2026-4538, a insecure deserialization vulnerability rated CVSS 5.3.

Is there a public PoC exploit available for CVE-2026-4538?

Yes, a public proof-of-concept exploit is available for CVE-2026-4538. Prioritise patching immediately. EPSS: 0.0%.

Pytorch CVE-2026-4538

Q: What is the CVSS score of CVE-2026-4538?

CVE-2026-4538 has a CVSS 4.0 base score of 1.9 (Low). CVSS vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-14280 LOW

Deserialization of Untrusted Data (CWE-502)

2026-03-22 VulDB

GHSA-33x2-ppm4-v46v

Deserialization Pytorch

1.9

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

1.9 LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Red Hat

5.3 MEDIUM

qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

Apr 29, 2026 - 01:11 NVD

MEDIUM LOW

CVSS changed

Apr 29, 2026 - 01:11 NVD

5.3 (MEDIUM) 1.9 (LOW)

PoC Detected

Mar 23, 2026 - 14:31 vuln.today

Public exploit code

EUVD ID Assigned

Mar 22, 2026 - 04:30 euvd

EUVD-2026-14280

Analysis Generated

Mar 22, 2026 - 04:30 vuln.today

CVE Published

Mar 22, 2026 - 04:20 nvd

MEDIUM 5.3

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

207 pypi packages depend on torch (128 direct, 79 indirect)

Ecosystem-wide dependent count for version 2.10.0.

DescriptionCVE.org

A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through a pull request but has not reacted yet.

AnalysisAI

A deserialization vulnerability exists in PyTorch 2.10.0 within the pt2 Loading Handler component, allowing local attackers with low privileges to achieve confidentiality, integrity, and availability impacts through untrusted data processing. The vulnerability (CWE-502) is confirmed to have a publicly available exploit and has been reported to the project via pull request PR#176791, though remediation status remains unclear. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	Real-world risk is moderate, tempered by significant attack constraints. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker with local system access (or a malicious development team member) crafts a specially-formatted PyTorch checkpoint or model file containing gadget chains that execute arbitrary code during deserialization. When a researcher or CI/CD pipeline executes torch.load() or a similar checkpoint restoration function on this file, the unsafe deserialization triggers code execution with the privileges of the PyTorch process, allowing the attacker to exfiltrate training data, inject backdoors into models, or pivot to other systems. …
Remediation	Immediately check the PyTorch GitHub repository (https://github.com/pytorch/pytorch/) and pull request PR#176791 (https://github.com/pytorch/pytorch/pull/176791) for available patches; upgrade to the patched version once released and thoroughly tested in your environment. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

CVE-2026-4538 vulnerability details – vuln.today

Back