Lucene search
K

777 matches found

NVD
NVD
added yesterday3 views

CVE-2026-47470

NVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker could cause CWE-20 by local attack. A successful exploit of this vulnerability might lead to denial of service...

6.2CVSS
Exploits0References2
Cvelist
Cvelist
added yesterday23 views

CVE-2026-47471

NVIDIA TensorRT-LLM for any platform contains a vulnerability in tensor deserialization, where an attacker could cause a heap based buffer overflow. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service...

7.5CVSS
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-47471

NVIDIA TensorRT-LLM for any platform contains a vulnerability in tensor deserialization, where an attacker could cause a heap based buffer overflow. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service...

7.5CVSS6.3AI score
Exploits0References2
Nvidia
Nvidia
added yesterday6 views

Security Bulletin: NVIDIA TensorRT-LLM - July 2026

NVIDIA has released a software update for NVIDIA® TensorRT-LLM. To protect your system, clone or update this software from the NVIDIA/TensorRT-LLM GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses a...

8.4CVSS6.5AI score
Exploits0Affected Software1
OSV
OSV
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1306 Reverb use after free vulnerability

There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...

6.1CVSS6.1AI score0.00123EPSS
Exploits0References6
PyPA
PyPA
added 2026/07/07 10:17 a.m.6 views

Invalid char to bool conversion when printing a tensor

ImpactWhen printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. PatchesWe have patched the issue ...

7.5CVSS7.1AI score0.00389EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/07/07 10:17 a.m.5 views

PYSEC-2026-939 Invalid char to bool conversion when printing a tensor

Impact When printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. Patches We have patched the issu...

4.8CVSS7.1AI score0.00389EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1034 Segfault in `CompositeTensorVariantToComponents`

Impact An input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents. python import tensorflow as tf encode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2 meta= ""...

4.8CVSS7.1AI score0.0049EPSS
Exploits1References8
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-958 `CHECK_EQ` fail in `tf.raw_ops.TensorListResize`

Impact If tf.rawops.TensorListResize is given a nonscalar value for input size, it results CHECK fail which can be used to trigger a denial of service attack. python import numpy as np import tensorflow as tf a = datastructures.tftensorlistnewelements = tf.constantvalue=3, 4, 5 b = np.zeros0, 2, ...

4.8CVSS5.9AI score0.00439EPSS
Exploits1References7
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1013 Seg fault in `ndarray_tensor_bridge` due to zero and large inputs

Impact If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error: python np.ones0, 231, 231 An example of a proof of concept: python import numpy as np import tensorflow as tf inputval =...

4.8CVSS5.9AI score0.0033EPSS
Exploits1References6
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-947 TensorFlow vulnerable to segfault in `SparseBincount`

Impact If SparseBincount is given inputs for indices, values, and denseshape that do not make a valid sparse tensor, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf binaryoutput = True indices = tf.random.uniformshape=, minval=-10000...

5.9CVSS6.9AI score0.00423EPSS
Exploits0References7
OSV
OSV
added 2026/07/07 10:17 a.m.6 views

PYSEC-2026-1016 TensorFlow vulnerable to `CHECK` fail in `RaggedTensorToVariant`

Impact If RaggedTensorToVariant is given a rtnestedsplits list that contains tensors of ranks other than one, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf batchedinput = True rtnestedsplits = tf.constant0,32,64, shape=3,...

5.9CVSS7AI score0.00383EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1004 Missing validation causes denial of service via `DeleteSessionTensor`

Impact The implementation of tf.rawops.DeleteSessionTensor does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf handle = tf.constant"", shape=0, dtype=tf.string...

5.5CVSS5.9AI score0.00325EPSS
Exploits1References11
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1018 Missing validation causes denial of service via `SparseTensorToCSRSparseMatrix`

Impact The implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf indices = tf.constant53, shape=3, dtype=tf.int64 values =...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1032 Missing validation results in undefined behavior in `SparseTensorDenseAdd

Impact The implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments: python import tensorflow as tf aindices = tf.constant0, shape=17, 2, dtype=tf.int64 avalues = tf.constant, shape=0, dtype=tf.float32 ashape = tf.constant6, 12, shape=2, dtype=tf.int64 b =...

5.5CVSS6.1AI score0.00338EPSS
Exploits1References11
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-942 Missing validation causes `TensorSummaryV2` to crash

Impact The implementation of tf.rawops.TensorSummaryV2 does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import numpy as np import tensorflow as tf tf.rawops.TensorSummaryV2 tag=np.array'test',...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2026/07/02 5:25 a.m.10 views

Important: Red Hat Security Advisory: Red Hat AI Base Images 3.0.2 (tpu)

Red Hat AI Base Images 3.0.2 tpu is now available. Red Hat® AI Base Images...

8CVSS5.8AI score0.0032EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/29 4:39 a.m.9 views

CVE-2026-53923

A flaw was found in vLLM. Integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels leads to partial tensor processing. This results in the output tensor retaining previously used GPU memory, which, in multi-tenant inference deployments, can expose sensitive tensor data from other...

7.5CVSS5.7AI score0.00281EPSS
Exploits0References6
CVE
CVE
added 2026/06/23 12:12 p.m.18 views

CVE-2025-71370

Vulnerability summary (CVE-2025-71370): picklescan before 0.0.28 fails to detect malicious torch.jit.unsupported_tensor_ops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via p...

8.1CVSS6.2AI score0.00379EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 11:16 p.m.11 views

CVE-2026-53923

vLLM is an inference and serving engine for large language models LLMs. From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels csrc/quantization/gguf/ggufkernel.cu causes partial tensor processing. The output tensor is allocated at full size via...

7.5CVSS0.00281EPSS
Exploits0References3
Rows per page
Query Builder