CVE-2026-41667

medium

Description

Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0.

References

https://github.com/Samsung/ONE/pull/16481

Details

Source: Mitre, NVD

Published: 2026-04-22

Updated: 2026-04-22

Risk Information

CVSS v2

Base Score: 6.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 6.6

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H