Fedora 45 : sentencepiece (2026-8755a17c6e)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8755a17c6e advisory. Automatic update for sentencepiece-0.2.1-1.fc45. Changelog Tue May 19 2026 Peter Robinson - 0.2.1-1 - Update to 0.2.1 - Fixes CVE-2026-1260 rhbz2432139...

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

OSV-2026-646 Heap-buffer-overflow in sentencepiece::unigram::Model::EncodeOptimized

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=507169860 Crash type: Heap-buffer-overflow READ 8 Crash state: sentencepiece::unigram::Model::EncodeOptimized sentencepiece::unigram::Model::Encode sentencepiece::SentencePieceProcessor::Encode...

Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary Maximo AI Service uses wheel-0.41.3-py3-none-any.whl, orjson-3.10.14-cp311-cp311-manylinux217x8664.manylinux2014x8664.whl, pythonmultipart-0.0.21-py3-none-any.whl, pyasn1-0.6.1.tar.gz, sentencepiece-0.2.0-cp311-cp311-manylinux217x8664.manylinux2014x8664.whl, tar-7.4.3.tgz, tar-7.5.2.tgz...

Google SentencePiece Buffer Overflow Vulnerability

Google SentencePiece is an unsupervised text splitter for neural network-based text generation from Google USA. Google SentencePiece suffers from a buffer overflow vulnerability that stems from an invalid memory access when using a vulnerable model file created by an unusual training process. No...

CVE-2026-1260

A flaw was found in Sentencepiece. This flaw involves invalid memory access when the software processes a specially crafted, vulnerable model file. A local attacker could exploit this by tricking a user into loading such a file. Successful exploitation could lead to a denial of service, informati...

170051277-trab-final-gces (>=0.3.0 <=0.5.0), 2022-2-gces-ifpf (=0.3.0) +525 more potentially affected by CVE-2026-1260 via sentencepiece (>=0.1.82 <=0.2.0)

sentencepiece PYPI version =0.1.82, =0.3.0, =0.0.4.80, =1.0.32, =1.1.0, =0.3.0, =0.5.0, =0.2.2, =2.0.0, =0.3.5, =0.0.3, =0.3.0, =0.3.17 - akira =0.1.2 - al-for-design =0.0.1 - alignmap =1.0.0 and more Source cves: CVE-2026-1260 Source advisory: OSV:GHSA-38VQ-G6VR-W8WF...

Sentencepiece has a a heap overflow issue

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

GHSA-38VQ-G6VR-W8WF Sentencepiece has a a heap overflow issue

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

170051277-trab-final-gces (>=0.3.0 <=0.5.0), 2022-2-gces-ifpf (=0.3.0) +525 more potentially affected by CVE-2026-1260 via sentencepiece (>=0.1.82 <=0.2.0)

sentencepiece PYPI version =0.1.82, =0.3.0, =0.0.4.80, =1.0.32, =1.1.0, =0.3.0, =0.5.0, =0.2.2, =2.0.0, =0.3.5, =0.0.3, =0.3.0, =0.3.17 - akira =0.1.2 - al-for-design =0.0.1 - alignmap =1.0.0 and more Source cves: CVE-2026-1260 Source advisory: SNYK:PYTHON-SENTENCEPIECE-15091567...

Heap-based Buffer Overflow

Overview sentencepiece is an Unsupervised text tokenizer and detokenizer. Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the processing of a malicious model file. An attacker can cause the application to access invalid memory regions by supplying a model file...

CVE-2026-1260

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

CVE-2026-1260

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

CVE-2026-1260

CVE-2026-1260 affects Sentencepiece: invalid memory access in versions

CVE-2026-1260

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

CVE-2026-1260 Invalid Memory Access in Sentencepiece,

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

CVE-2026-1260 Invalid Memory Access in Sentencepiece,

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

EUVD-2026-3802

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

PT-2026-4204

Name of the Vulnerable Software and Affected Versions Sentencepiece versions prior to 0.2.1 Description An invalid memory access issue exists in Sentencepiece when processing a specially crafted model file that was not generated through standard training procedures. This can lead to a crash or...

Google SentencePiece 安全漏洞

Google SentencePiece is an unsupervised text splitter for neural network-based text generation from Google USA. Google SentencePiece suffers from a buffer overflow vulnerability that stems from an invalid memory access when using a vulnerable model file created by an unusual training process. No...