UBUNTU-CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

EUVD-2026-31476

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

PT-2026-42819

Name of the Vulnerable Software and Affected Versions Arm ArmNN versions prior to 2026-03-28 Description An integer overflow exists in the TensorShape::GetNumElements function within armnn/Tensor.cpp. This occurs when tensor dimensions are multiplied using 32-bit unsigned arithmetic without...

CVE-2026-40171 vulnerabilities

Vulnerabilities for packages: jupyter-base-notebook, tensorflow-cpu-jupyter...

GHSA-RCH3-82JR-F9W9 vulnerabilities

Vulnerabilities for packages: jupyter-base-notebook, tensorflow-cpu-jupyter...

CVE-2026-40171 vulnerabilities

Vulnerabilities for packages: datahub-ingestion, jupyter-base-notebook, tensorflow-cpu-jupyter, datahub-ingestion-fips, tensorflow-gpu-jupyter...

GHSA-RCH3-82JR-F9W9 vulnerabilities

Vulnerabilities for packages: datahub-ingestion, jupyter-base-notebook, tensorflow-cpu-jupyter, datahub-ingestion-fips, tensorflow-gpu-jupyter...

CVE-2026-1462

A flaw was found in the keras package. This vulnerability allows an attacker to execute unauthorized code on a victim's system. It occurs when a victim loads a specially crafted .keras model, even if the safemode security feature is active. The issue arises because the keras package can...

CVE-2026-1462

A vulnerability in the TFSMLayer class of the keras package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of .keras models, even when safemode=True. This bypasses the security guarantees of safemode and enables arbitrary attacker-controlled...

CVE-2026-1462 Safe Mode Bypass in keras-team/keras

A vulnerability in the TFSMLayer class of the keras package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of .keras models, even when safemode=True. This bypasses the security guarantees of safemode and enables arbitrary attacker-controlled...

Security Bulletin: Arbitrary File Read, SSRF, and Code Execution Vulnerabilities in TensorFlow Keras Model Loading (v2.13) affects watsonx.data

Summary A vulnerability in TensorFlow Keras v2.13 allows malicious .keras model files to trigger arbitrary local file reads, Server-Side Request Forgery SSRF, and potential code execution during model loading—even when safemode=True is enabled. The issue arises from improper handling of external...

OSV-2026-437 Heap-use-after-free in tf::Executor::_invoke

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=494709474 Crash type: Heap-use-after-free WRITE 8 Crash state: tf::Executor::invoke tf::Executor::spawn void std::1::threadproxy...

CVE-2026-31958 vulnerabilities

Vulnerabilities for packages: dask-kubernetes, kubeflow-pipelines-visualization-server, tensorflow-cpu-jupyter, airflow, mitmproxy...

GHSA-QJXF-F2MG-C6MC vulnerabilities

Vulnerabilities for packages: dask-kubernetes, kubeflow-pipelines-visualization-server, tensorflow-cpu-jupyter, airflow, mitmproxy...

AZL-79646 CVE-2026-3713 affecting package tensorflow 2.11.1-2

A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function dopnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local...

AZL-79652 CVE-2026-3713 affecting package tensorflow 2.16.1-11

A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function dopnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local...

AZL-79649 CVE-2026-27142 affecting package tensorflow 2.16.1-11

Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actio...