CVE-2025-30402
ExecuTorch vulnerable to Heap-based Buffer Overflow attack
CVSS 3.1: 8.1 (HIGH)
EPSS: 0.43%
Description
A heap-buffer-overflow vulnerability in the loading of ExecuTorch methods can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f.
How to fix CVE-2025-30402
To remediate CVE-2025-30402, upgrade the affected package to one of the fixed versions listed below.
- Upgrade to 0.7.0-rc1 or later
- Upgrade to 0.7.0 or later
Is CVE-2025-30402 being exploited?
Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 0.7.0-rc1
- from 0, < 0.7.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH (8.1) | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |