9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2025-30405

GHSA ID

GHSA-84m3-f99p-cqx5

EPSS Score

0.0324%

CWE

CWE-190

Published

8/8/2025

Updated

8/12/2025

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-30405

CVE-2025-30405: ExecuTorch integer overflow vulnerability

An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-30405

CVE-2025-30405:

9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2025-30405

GHSA ID

GHSA-84m3-f99p-cqx5

EPSS Score

0.0324%

CWE

CWE-190

Published

8/8/2025

Updated

8/12/2025

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
executorch	pip	< 0.7.0	0.7.0

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The analysis of the provided vulnerability information and the associated commit 0830af8207240df8d7f35b984cdf8bc35d74fa73 directly points to the vulnerable function. The commit message explicitly states, "Integer overflow in HierarchicalAllocator::get_offset_address()". The patch applied to runtime/core/hierarchical_allocator.h introduces a check to prevent an integer overflow before a memory allocation check. This confirms that the get_offset_address function within the torch::executor::HierarchicalAllocator class was the location of the vulnerability. The vulnerability lies in the fact that without the added check, an attacker could provide a specially crafted model that causes offset_bytes + size_bytes to overflow, leading to an out-of-bounds write and potential code execution. Therefore, the identified function torch::executor::HierarchicalAllocator::get_offset_address is the precise location of the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

9.8

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-30405: ExecuTorch integer overflow vulnerability

CVE-2025-30405:

9.8

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2025-30405: ExecuTorch integer overflow vulnerability

Technical Details

9.8

9.8

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI