CVE-2025-55553

Description

A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS).

How to fix CVE-2025-55553

To remediate CVE-2025-55553, upgrade the affected package to a fixed version below.

• Bitnami/pytorch—upgrade to 2.7.1 or later
• Debian/pytorch—no fix listed
• PyPI/torch—upgrade to 2.7.1 or later

Is CVE-2025-55553 being exploited?

Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.

Affected packages (3)

• from 0, < 2.7.1
• from 0
• from 0, < 2.7.1

CVSS scores

References (5)

• ADVISORYgist.github.com/shaoyuyoung/0e7d2a586297ae9c8ed14d8706749efc
• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2025-55553
• PATCHgithub.com/pytorch/pytorch/pull/154645
• REPORTgithub.com/pytorch/pytorch/issues/151432
• WEB