CVE-2026-40450

CVSS 6.6 MEDIUMEPSS 0.1%CWE-190

Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

Affected products

Samsung Open Source · ONE

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/Samsung/ONE/pull/16481