
CVE-2025-65889: n/a

High
Published: Wed Jan 28 2026 (01/28/2026, 00:00:00 UTC)
Source: CVE Database V5

Description

A type validation flaw in the flow.dstack() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

AI-Powered Analysis

Last updated: 01/28/2026, 17:35:26 UTC

Technical Analysis

CVE-2025-65889 identifies a type validation flaw within the flow.dstack() function of OneFlow version 0.9.0, an open-source deep learning framework used for AI and machine learning workloads. The vulnerability arises because the function does not properly validate the types of inputs it processes, allowing an attacker to submit specially crafted inputs that cause the system to crash or become unresponsive, resulting in a Denial of Service (DoS). This flaw affects the availability of services relying on OneFlow for data stacking operations. The vulnerability does not require authentication, meaning any user or external actor capable of interacting with the vulnerable function can exploit it. No known exploits have been reported in the wild, and no patches or fixes have been published at this time. The lack of a CVSS score indicates that the vulnerability is newly disclosed and not yet fully assessed. The attack vector is local or network-based depending on how OneFlow is deployed, typically in AI pipelines or data processing environments. The flaw could be leveraged to disrupt AI model training or inference workflows, causing operational downtime and potential cascading effects on dependent systems.

Potential Impact

For European organizations, the primary impact of CVE-2025-65889 is the potential disruption of AI and machine learning services that utilize OneFlow, particularly in research institutions, technology companies, and industries adopting AI-driven automation. A successful DoS attack could halt critical data processing tasks, delay model training, and reduce service availability, impacting business continuity and operational efficiency. Organizations relying on OneFlow for production workloads may experience downtime, leading to financial losses and reputational damage. The vulnerability could also be exploited as part of a broader attack chain to distract or exhaust resources. Since OneFlow is used in AI research and development, sectors such as automotive, finance, healthcare, and manufacturing in Europe could be indirectly affected. The lack of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers often weaponize such vulnerabilities once disclosed.

Mitigation Recommendations

To mitigate CVE-2025-65889, organizations should implement strict input validation controls around any interfaces interacting with the flow.dstack() function to prevent malformed or malicious data from triggering the flaw. Network segmentation and access controls should limit exposure of OneFlow services to trusted users and systems only. Monitoring and anomaly detection systems should be configured to identify unusual input patterns or service crashes indicative of exploitation attempts. Where possible, deploy OneFlow in isolated or containerized environments to contain potential DoS effects. Organizations should track vendor advisories and community updates for patches or security fixes and apply them promptly once available. Additionally, conducting regular security assessments and code reviews of AI frameworks can help identify similar vulnerabilities proactively. Backup and recovery plans should be tested to ensure rapid restoration of services in case of disruption.
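One way to apply the input-validation recommendation above is an allowlist check in front of the call. This is an added example, not OneFlow code or a vendor fix. The page does not say which input type triggers the flaw, so the guard accepts only a bounded list or tuple of tensor objects and refuses everything else; the names, the limits, the same-dtype policy and the FakeTensor stand-in are assumptions, and for OneFlow the call would be guarded_dstack(flow.dstack, inputs, flow.Tensor).

```python
from collections.abc import Sequence


class RejectedInput(TypeError):
    """Input failed the allowlist check and never reached dstack."""


class FakeTensor:
    """Constructed stand-in so the check can be exercised without OneFlow."""
    def __init__(self, ndim, dtype):
        self.ndim, self.dtype = ndim, dtype


def validate_dstack_input(tensors, tensor_type, max_items=64, max_ndim=8):
    """Return the inputs as a tuple if they pass the allowlist, else raise."""
    # str and bytes are Sequences too, so exclude them explicitly.
    if isinstance(tensors, (str, bytes)) or not isinstance(tensors, Sequence):
        raise RejectedInput(
            f"expected a list or tuple of tensors, got {type(tensors).__name__}")
    if not 0 < len(tensors) <= max_items:
        raise RejectedInput(f"expected 1..{max_items} tensors, got {len(tensors)}")
    for i, t in enumerate(tensors):
        # Scalars, None, nested lists and foreign array types are all refused.
        if not isinstance(t, tensor_type):
            raise RejectedInput(f"item {i} is {type(t).__name__}, not a tensor")
        if t.ndim > max_ndim:
            raise RejectedInput(f"item {i} has {t.ndim} dims, limit {max_ndim}")
    # Conservative policy (assumption): refuse mixed dtypes instead of promoting.
    dtypes = {str(t.dtype) for t in tensors}
    if len(dtypes) != 1:
        raise RejectedInput(f"mixed dtypes: {sorted(dtypes)}")
    return tuple(tensors)


def guarded_dstack(dstack, tensors, tensor_type):
    """Call dstack only after validation; callers catch RejectedInput."""
    return dstack(validate_dstack_input(tensors, tensor_type))
```

Catching RejectedInput at the service boundary and logging the rejected type also gives the monitoring recommendation a concrete signal to alert on.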


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2025-11-18T00:00:00.000Z
Cvss Version: null
State: PUBLISHED

Threat ID: 697a457a4623b1157cdb191a

Added to database: 1/28/2026, 5:20:58 PM

Last enriched: 1/28/2026, 5:35:26 PM

Last updated: 2/5/2026, 8:02:29 AM
