CVE-2022-0845

⛔ critical

🔍 Scan for this CVE

Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0.

CVSS Score

9.8

Critical

EPSS Score

0.3

Exploit Probability

Published Date

2022-03-05

First Seen: 2026-01-05

This CVE is Very High Risk - more severe than 90.5% of all 328,009 vulnerabilities in our database.

#31,168

Top 10% most severe

Severity Percentile

Last Modified 2024-11-21

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE IDs (Weakness Types)

CWE-94

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
lightningai	pytorch_lightning	Affected	< 1.6.0

Patch Third Party Advisory

Exploit Issue Tracking Patch Third Party Advisory

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-44484	⛔ critical	9.8	0.1	PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introdu...	2026-05-14
CVE-2026-31221	⚠️ high	7.8	0.2	PyTorch-Lightning versions 2.6.0 and earlier contain an insecure deserialization vulnerability (CWE-502) in the checkpoi...	2026-05-12
CVE-2024-8019	⛔ critical	9.1	1.0	In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the `LightningApp` when running on a Windows ...	2025-03-20
CVE-2024-8020	⚠️ high	7.5	0.1	A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sendi...	2025-03-20
CVE-2024-5980	⛔ critical	9.8	10.7	A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path t...	2024-06-27
CVE-2024-5452	⛔ critical	9.8	56.7	A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to im...	2024-06-06

These CVEs affect the same products