apache / tvm
Project repository
Open deep learning compiler stack for cpu, gpu and specialized accelerators
FIRST INTERACTION: WITHIN 30 DAYS
REVIEW: WITHIN 22 DAYS
FIX: WITHIN N/A DAYS
Remote Code Execution via Distributed RPC Server XGBoost Model Load | Apr 12th 2026 | sukhawarring | duplicate | severity: Critical
Arbitrary Code Execution via Insecure Deserialization in popen_worker and pickle... | Apr 11th 2026 | finddabugs | duplicate | severity: High
Command injection in Hexagon simulator launcher via unsafe workspace path | May 1st 2026 | adi783885 | self closed
Arbitrary Code Execution via Pickle Cache Poisoning in pickle_memoize | Apr 11th 2026 | tranhoangtu-it | duplicate | severity: High
Arbitrary code execution via pickle cache poisoning in pickle_memoize.py | Apr 11th 2026 | wernerina | duplicate | severity: None
RCE via cloudpickle.loads() in popen worker/pool and pickle.load() in cache file... | Apr 11th 2026 | nhomyk | duplicate | severity: Critical
Arbitrary Code Execution via numpy.load(allow_pickle=True) in XGBModel and Rando... | Mar 17th 2026 | odysseypro25-project | duplicate | severity: High
Unsafe torch.load() in MLPModel.load() Enables RCE via Malicious Cost Model Arch... | Mar 18th 2026 | odysseypro25-project | self closed
Unsafe torch.load() and np.load(allow_pickle=True) in TVM MLP Cost Model Enables... | Mar 18th 2026 | odysseypro25-project | self closed
Path traversal in RPC file upload/download allows arbitrary file read/write on s... | Mar 15th 2026 | eistee82 | self closed
Arbitrary code execution via unsafe pickle.load, torch.load, and np.load(allow_p... | Mar 16th 2026 | elucidator-hky | self closed
Multiple integer overflows in TVM runtime: shape multiplication in GetDataSize a... | Feb 28th 2026 | avienma007 | self closed
Multiple Unsafe Deserialization Vulnerabilities (pickle.load, torch.load, np.loa... | Mar 10th 2026 | shima-coder | duplicate | severity: High
Arbitrary Code Execution via Unsafe torch.load() in MSC Codegen | Mar 10th 2026 | loris4py | duplicate | severity: High
Remote Code Execution (RCE) via Insecure Pickle Deserialization in pickle_memoiz... | Feb 14th 2026 | sebas5207418 | duplicate | severity: High
Insecure Deserialization via np.load(allow_pickle=True) and pickle.load() in Cos... | Mar 10th 2026 | jhacksman | duplicate | severity: High
1️⃣ Security Vulnerability Report | Mar 10th 2026 | agentalphax | duplicate | severity: High
Apache TVM FoldConstant Pass Compile-Time Arbitrary Code Execution (RCE) | Mar 11th 2026 | mia-718ai | not applicable
TVM MinRPC Server Integer Overflow Leads to Heap Buffer Overflow RCE | May 8th 2026 | mia-718ai | pending
TVM C Code Generator StringImmNode String Escaping Bypass Allows Code Injection | May 8th 2026 | mia-718ai | pending
TVM UnrollLoop Pass Unbounded Code Expansion leads to Resource Exhaustion DoS | Feb 6th 2026 | mia-718ai | self closed
Apache TVM verify_trace_roundtrip() Code Injection leading to Remote Code Execut... | Feb 6th 2026 | mia-718ai | self closed
Stack Overflow in Apache TVM TensorIR Recursive AST Traversal Causes Denial of S... | May 8th 2026 | mia-718ai | pending
Arbitrary Code Injection via Unvalidated c_symbol_prefix Parameter in PackImport... | May 8th 2026 | mia-718ai | pending
Apache TVM RelaxToPyFuncConverter T.call_extern() Arbitrary Code Execution | May 8th 2026 | mia-718ai | pending
TVM MSC Framework torch.load(weights_only=False) Remote Code Execution | Mar 10th 2026 | mia-718ai | duplicate | severity: High
Denial of Service | May 8th 2026 | mia-718ai | pending
Apache TVM Relax IR ExprVisitor/ExprMutator Uncontrolled Recursion Stack Overflo... | May 8th 2026 | mia-718ai | pending
Inclusion of Functionality from Untrusted Control Sphere | May 8th 2026 | mia-718ai | pending
Apache TVM scatter_elements Out-of-bounds Write via Unvalidated Index | Mar 11th 2026 | mia-718ai | not applicable
Out-of-bounds Write in TVM index_put Operation Due to Missing Index Bounds Check | Mar 11th 2026 | mia-718ai | not applicable
Apache TVM take() Operation Out-of-Bounds Read via Unsafe Fast Mode | Mar 11th 2026 | mia-718ai | not applicable
Unbounded JSON IR Deserialization and Structural Traversal Leads to Remote Denia... | Mar 11th 2026 | hyperps | informative | severity: High
Command Injection in tvm.contrib.msc.core.codegen.CodeGen via crafted graph name | Mar 11th 2026 | boszboll | not applicable
Remote Code Execution via Unsafe torch.load() and np.load() in MLPModel Cost Mod... | Mar 10th 2026 | jonnylitten | informative | severity: High
RPC Proxy Security Bug Fix - Weak Keys and Default Web Bindings | Mar 11th 2026 | 7908837174 | informative | severity: Critical
Vulnerability to DoS Attacks Due to Lack of Timeouts in Requests | Feb 6th 2026 | freedom-of-the-mind | informative | severity: High
TVM RPC infrastructure allows arbitrary code execution when loading untrusted .t... | Apr 10th 2025 | kerkroups | informative | severity: Critical
Insecure Temporary File in Test Module | Nov 11th 2024 | ralph13 | self closed
TVM allows arbitrary loading of malicious remote SO library functions. | Sep 20th 2024 | hexian2001 | self closed
Local File Read (LFI) via download() RPC End Point | Jul 22nd 2024 | zpbrent | informative | severity: High
Arbitrary File Delete via remove() RPC End Point | Jul 22nd 2024 | zpbrent | informative | severity: Critical
Arbitrary File Write via upload() RPC End Point | Jun 28th 2024 | zpbrent | informative | severity: Critical
Use of Cryptographically Weak Pseudo-Random Number Generator | May 27th 2024 | kr3ww | self closed
Command injection in get_skipped_tests_comment function | May 27th 2024 | kr3ww | informative | severity: High
Apache TVM presence command execution | Feb 28th 2024 | laoquanshi | informative | severity: Critical
Dependency confusion due to unsafe use of external pip indexes leads to RCE | Feb 28th 2024 | mgamelot | informative | severity: Critical
Apache TVM command execution vulnerability | Nov 22nd 2023 | laoquanshi | not applicable
CRITICAL: $0
HIGH: $0
MEDIUM: $0
LOW: $0