DeepSpeed

DeepSpeed is a deep learning optimization library developed by Microsoft for training large-scale AI models. This high-severity vulnerability (CVSS 7.8) requires local access and user interaction to exploit, but once triggered grants an attacker high-level compromise including data theft, system modification, and service disruption—no authentication is needed. Security teams should monitor for malicious files or scripts that trick users into executing code on systems running DeepSpeed, particularly in AI development and research environments, with a patch expected by June 2026.