Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-65890
CVE-2025-65890
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) by calling flow.cuda.synchronize() with an invalid or out-of-range GPU device index.
Published Jan 30, 2026
https://github.com/CVEProject/cvelistV5/blob/main/cves/2025/65xxx/CVE-2025-65890.json
CVSS Score
High
7.5
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
pypi
oneflow
0.9.0
1-1 of 1
CVE-2025-65890 | Components Impacted | Sonatype Guide | Sonatype Guide
