CVE-2025-62608
Published: 21 November 2025
Summary
CVE-2025-62608 is a medium-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Ml-Explore Mlx. Its CVSS base score is 5.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 25.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Deep Learning Frameworks; in the Data-Related Vulnerabilities risk domain.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-198501
Vulnerability details
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load() when parsing malicious NumPy .npy files. Attacker-controlled file causes 13-byte out-of-bounds read, leading to crash or information…
more
disclosure. This issue has been patched in version 0.29.4.
- CWE(s)
AI Security AnalysisAI
- AI Category
- Deep Learning Frameworks
- Risk Domain
- Data-Related Vulnerabilities
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: machine learning, numpy
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Heap buffer overflow with out-of-bounds read in MLX when parsing malicious .npy files enables client-side exploitation for potential arbitrary code execution (T1203) or application crash via targeted exploitation (T1499.004), with possible information disclosure facilitating further activity.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.