CVE-2025-70999 is a HIGH severity vulnerability in OneFlow v0.9.0, allowing attackers to cause a Denial of Service (DoS) via a crafted device ID. The vulnerability is caused by a GPU device-ID validation flaw in the flow.cuda.get_device_capability() component. This vulnerability affects users of OneFlow v0.9.0, who should be aware of this vulnerability and take necessary precautions to prevent exploitatio [truncated]
CVE-2025-65891 is a high-severity vulnerability in OneFlow v0.9.0, allowing attackers to trigger a Denial of Service (DoS) by invoking flow.cuda.get_device_properties() with an invalid or negative device index. The CVE record was published on 2026-01-28T18:16:50.067Z and has not been modified since then. The NVD entry is currently modified. This vulnerability has significant implications for users of OneF [truncated]
CVE-2025-65890 is a HIGH severity vulnerability in OneFlow v0.9.0, allowing attackers to cause a Denial of Service (DoS) via an invalid GPU device index. The vulnerability has a CVSS score of 7.5 and is classified as CWE-400. The CVE record was published on 2026-01-28T17:16:08.677Z and was last modified on 2026-07-05T02:17:30.730Z. This vulnerability can have significant impacts on systems utilizing OneFl [truncated]
CVE-2025-65889 is a type validation flaw in OneFlow v0.9.0's flow.dstack() component, allowing attackers to cause a Denial of Service (DoS) via crafted input. The CVE record was published on 2026-01-28T17:16:08.560Z. This vulnerability has a CVSS score of 7.5 and is classified as HIGH severity. Users of OneFlow v0.9.0 should be aware of this vulnerability and take necessary precautions. The debrief is bas [truncated]
CVE-2025-65888 is a Denial of Service (DoS) vulnerability in OneFlow 0.9.0, caused by a dimension validation flaw in the flow.empty() component. Attackers can exploit this vulnerability via a negative or excessively large dimension value. This vulnerability has a CVSS score of 7.5, indicating a high severity. To address this vulnerability, users of OneFlow 0.9.0 should be aware of the potential risks and [truncated]
CVE-2025-65886 is a shape mismatch vulnerability in OneFlow v0.9.0 that allows attackers to cause a Denial of Service (DoS). This vulnerability is considered High severity with a CVSS score of 7.5. The exposure arises from inadequate validation of tensor shapes, which can be exploited by providing crafted shapes to cause a denial of service. The likely defender workflow involves verifying the presence of [truncated]