CVE-2025-27780: Python Torch Load Without Weights Only

Provally Curated | Public repository | High | High confidence | Verified | Apache-2.0 | python
greprules fetch cve-2025-27780-python-torch-load-without-weights-only --engine opengrep

Description

`torch.load` is called without `weights_only=True`. By default, `torch.load` uses Python's `pickle` module to deserialize checkpoint files, which executes arbitrary code embedded in the file (e.g. via `__reduce__` hooks). If the loaded path can be influenced by an attacker-controlled checkpoint (community model hubs, user-supplied paths, shared drives), this

Detection target

Not provided

Recommended fix

Not provided

False-positive notes

Not provided
