PatchSiren cyber security CVE debrief
CVE-2025-70999 Oneflow-Inc CVE debrief
CVE-2025-70999 is a HIGH severity vulnerability in OneFlow v0.9.0, allowing attackers to cause a Denial of Service (DoS) via a crafted device ID. The vulnerability is caused by a GPU device-ID validation flaw in the flow.cuda.get_device_capability() component. This vulnerability affects users of OneFlow v0.9.0, who should be aware of this vulnerability and take necessary precautions to prevent exploitation. The exposure question revolves around whether OneFlow v0.9.0 is deployed in managed environments and if so, assign an owner for follow-up. The likely defender workflow includes reviewing the supplied official advisory or CVE record, planning vendor-supported updates or mitigations, and tracking exceptions.
- Vendor
- Oneflow-Inc
- Product
- OneFlow
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-01-28
- Original CVE updated
- 2026-07-05
- Advisory published
- 2026-01-28
- Advisory updated
- 2026-07-05
Who should care
Users of OneFlow v0.9.0, particularly those in operator, platform, vulnerability-management, and security teams, should be aware of this vulnerability and take necessary precautions to prevent exploitation. They should confirm whether affected product deployments exist in managed environments, review compensating controls for exposed systems, and monitor for suspicious activity.
Technical summary
The vulnerability is caused by a GPU device-ID validation flaw in the flow.cuda.get_device_capability() component of OneFlow v0.9.0. This flaw allows attackers to cause a Denial of Service (DoS) via a crafted device ID. The vulnerability has a CVSS score of 7.5 and a CVSS severity of HIGH. To further understand the vulnerability, note that OneFlow is an open-source deep learning framework, and its users should verify their installations to ensure they are not exposed. Users should also monitor for suspicious activity and implement compensating controls to detect and prevent crafted device ID attacks.
Defensive priority
High
Recommended defensive actions
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
- Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
- Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
Evidence notes
The CVE record was published on 2026-01-28T18:16:51.867Z and was last modified on 2026-07-05T02:17:39.417Z. The NVD entry is currently Modified. The source item URL for CVE-2025-70999 is available, but its content is not provided. The official CVE record and NVD detail page for CVE-2025-70999 are also available. However, the evidence is limited, and defenders should verify the affected scope and severity based on the supplied official advisory or CVE record.
Official resources
-
CVE-2025-70999 CVE record
CVE.org
-
CVE-2025-70999 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
[email protected] - Not Applicable
-
Mitigation or vendor reference
[email protected] - Exploit, Issue Tracking, Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-01-28T18:16:51.867Z and has not been modified since then. The NVD entry is currently Modified.