repository icon
facebookresearch / faiss Project repository

A library for efficient similarity search and clustering of dense vectors.

Submit a report

FIRST INTERACTION

WITHINN/A DAYS

REVIEW

WITHIN18 DAYS

FIX

WITHINN/A DAYS

Integer Overflow in ilpn Deserialization — Missing mul_no_overflow() causes DoS...
mscgo
self closed
Arbitrary File Read via OnDiskInvertedLists — malicious .index opens any file vi...
mscgo
self closed
Path traversal via OnDiskInvertedLists filename in read_index allows arbitrary f...
eistee82
self closed
Path traversal via OnDiskInvertedLists filename in read_index allows arbitrary f...
eistee82
self closed
Unsafe pickle.load() in faiss big_batch_search() Checkpoint Enables RCE via Mali...
odysseypro25-project
self closed
Arbitrary code execution via eval() injection in FAISS offline IVF configuration...
elucidator-hky
self closed
Arbitrary code execution via unsafe pickle.load and torch.load(weights_only=Fals...
elucidator-hky
self closed
Arbitrary File Read/Truncation via OnDiskInvertedLists Path Traversal
alrightryanx
self closed
Integer Overflow in ArrayInvertedListsPanorama Deserialization Leading to Heap O...
p0her
duplicate
Medium
Heap Buffer Overflow via Crafted NNDescent Index
alrightryanx
duplicate
High
Out-of-bounds Heap Read in ScalarQuantizer Codecs via Crafted FAISS Index File
morecitricacid-coder
self closed
Out-of-bounds Heap Read in ScalarQuantizer Codecs via Crafted FAISS Index File
morecitricacid-coder
self closed
Integer overflow in NSG graph deserialization leads to heap buffer overflow writ...
iiviel
duplicate
Critical
Arbitrary Code Execution via ```pickle.load()``` on Attacker-Supplied Checkpoin...
abdallaabdalrhman
duplicate
High
RPC Server Sends Unrestricted Pickle — Attacker-Controlled Server Achieves RCE o...
abdallaabdalrhman
duplicate
Critical
FAISS IndexBinaryHash BitstringReader Out-of-bounds Read Vulnerability
mia-718ai
duplicate
High
Heap Out-of-Bounds Write via Crafted NSG Index — Arbitrary Code Execution Path
abdallaabdalrhman
duplicate
Critical
FAISS Benchmark Framework Unsafe Pickle Deserialization leads to Remote Code Exe...
mia-718ai
duplicate
High
Unvalidated `n_levels` allows division-by-zero crash in Panorama-based indexes
f00dat
duplicate
High
Heap Buffer Overflow in FAISS IVF via imbalance_factor()
hyperps
pending
FAISS Python API: Externally-Controlled Format String leads to DOS
prodigysec
pending
Faiss NSG Deserialization OOB Write
somet2mes
duplicate
High
Parallel exception masking in OpenMP loops hides failures (CWE-703)
happyjesterr
self closed
Null pointer dereference in GenericDistanceComputer::operator() causes process c...
happyjesterr
self closed
Unmanaged raw pointer allocations may leak memory on exception paths in Faiss (r...
happyjesterr
self closed
Denial of Service via unbounded pickle deserialization in FAISS RPC ( contrib/rp...
0init
duplicate
Medium
Client-side RCE via Unsafe Pickle Deserialization in FAISS contrib/rpc.py (Res...
0init
duplicate
High
Integer Overflow in FAISS IndexBinary::search_and_reconstruct Leading to Memory...
elexs1zz
duplicate
High
Integer Overflow in Binary Search Midpoint Calculation Leading to Out-of-Bounds...
joelindra
pending
Faiss C API: Heap Buffer Overflow in IndexIVF (invlists_get_ids)
thevilledev
pending
Faiss C API: Uninitialized Memory in faiss_Index_sa_code_size Leading to Potenti...
thevilledev
pending
Bypass of RestrictedUnpickler in RPC Module Leads to Remote Code Execution
shenaow
informative
Critical
Buffer Overflow
past3l
informative
High
Insecure Temporary File
h2oa
not applicable
Malicious file loaded to RCE in big_batch_search
supersuperbang
informative
High
Floating Point Exception in index_factory
r3pwnx
pending