CVE-2026-40450

MEDIUM CVSS 6.6 View on NVD ↗

Description

Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

References

https://github.com/Samsung/ONE/pull/16481

Published: Apr 22, 2026 07:16 UTC Modified: Apr 22, 2026 21:23 UTC