Primary

Context

Samsung Open Source ONE Out-of-Bounds Access Vulnerability in Constant Tensor Import

Vulnerability

A vulnerability exists in Samsung Open Source ONE versions prior to 1.30.0, due to improper validation of STRING tensor offsets. This flaw allows malformed string metadata to cause out-of-bounds access during the import of constant tensors.

Impact

Exploitation of this vulnerability leads to out-of-bounds access, which can potentially be exploited to cause a denial-of-service or to execute arbitrary code.

Remediation

Users can upgrade to version 1.30.0 or later to address this vulnerability.

Added: Apr 22, 2026, 7:23 AM

Updated: Apr 22, 2026, 7:23 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

7.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

7.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Open Source ONE Out-of-Bounds Access Vulnerability in Constant Tensor Import

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating