CVE-2025-62608: 
Python vulnerability analysis and mitigation

CVE-2025-62608 is a heap buffer overflow vulnerability discovered in MLX (mlx pip package) versions <=0.29.3. The vulnerability was disclosed on November 21, 2025, affecting the load() function when parsing malicious NumPy .npy files. The issue was patched in version 0.29.4 (GitHub Advisory).

The vulnerability exists in mlx/io/load.cpp where the parser reads a 118-byte header from the file but incorrectly handles string creation and boundary checking. At line 268, std::string(&buffer[0]) stops at the first null byte, creating a truncated string. Subsequently, at line 276, the code attempts to read header[34] without length verification, resulting in a 13-byte out-of-bounds read beyond the allocation. The vulnerability has been assigned a CVSS v3 score of 6.5, indicating moderate severity (Red Hat Security).

When exploited, this vulnerability can lead to application crashes or potential information disclosure through a 13-byte heap memory leak. The vulnerability affects MLX users across all platforms who process untrusted input through the vulnerable methods, particularly when handling malicious .npy files such as model weights, datasets, or checkpoints (GitHub Advisory).

The vulnerability has been fixed in MLX version 0.29.4. The recommended mitigation is to upgrade to this or a later version. The fix involves proper string construction with explicit length parameter and boundary checking before accessing header elements (GitHub Advisory).