736 matches found
CVE-2026-49121
AI Tensor Engine for ROCm AITER through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv function within shmbroadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket...
CVE-2026-49121
CVE-2026-49121 affects AI Tensor Engine for ROCm (AITER) up to version 0.1.14. The vulnerability exists in the MessageQueue.recv() function in shm_broadcast.py, where an unauthenticated remote attacker can deliver a crafted pickle payload to a ZMQ SUB socket (no authentication, no HMAC, no format...
swimtrack-poc
SwimTrack PoC This directory contains a proof of concept for...
CVE-2026-42627
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...
Linux Distros Unpatched Vulnerability : CVE-2026-42627
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size...
DEBIAN-CVE-2026-42627
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...
CVE-2026-42627
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...
UBUNTU-CVE-2026-42627
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...
CVE-2026-42627
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...
CVE-2026-42627
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...
CVE-2026-42627
Arm NN contains a vulnerability up to version 2026-03-27 where an integer overflow in TensorShape::GetNumElements() (armnn/Tensor.cpp) allows a crafted TFLite model to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multi...
Malicious code in tensor-compute (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a3d1b50077a6311a43061891fa560d2c180fbdbd12ab4965e0d265910e6ef68 [email protected] presents itself as a Rust-backed tensor library but is a dropper. setup.py registers a custom buildext command src/buildext.py...
MAL-2026-4223 Malicious code in tensor-compute (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a3d1b50077a6311a43061891fa560d2c180fbdbd12ab4965e0d265910e6ef68 [email protected] presents itself as a Rust-backed tensor library but is a dropper. setup.py registers a custom buildext command src/buildext.py...
PYSEC-2026-145
vLLM is an inference and serving engine for large language models LLMs. From to before 0.20.0, the extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The crash ...
CVE-2026-44223 vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters
vLLM is an inference and serving engine for large language models LLMs. From to before 0.20.0, the extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The crash ...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the GGUF model loader. An attacker can access sensitive server memory contents, including environment variables, API keys, system prompts, and concurrent users' conversation data, by submitting a specially crafted...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the GGUF model loader. An attacker can access sensitive server memory contents, including environment variables, API keys, system prompts, and concurrent users' conversation data, by submitting a specially crafted...
CVE-2026-7482 Ollama heap out-of-bounds read in GGUF tensor parsing leaks server process memory to unauthenticated remote attackers
Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and...
CVE-2026-7482
Ollama CVE-2026-7482 is a heap out-of-bounds read in the GGUF model loader affecting the /api/create path, where an attacker-supplied GGUF file can declare tensor offsets/sizes that exceed the file, causing reads past the allocated heap in fs/ggml/gguf.go and server/quantization.go (WriteTo()). L...
SUSE CVE-2026-7020
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...