CVE-2026-6839

MEDIUM CVSS 6.6 View on NVD ↗

Description

Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

References

https://github.com/Samsung/ONE/pull/16481

Published: Apr 22, 2026 07:16 UTC Modified: Apr 22, 2026 21:23 UTC