{"data":{"id":"2ac9b1f8-012f-4581-9b0a-b79e05b8d68c","title":"CVE-2026-2492: TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability al","summary":"TensorFlow has a vulnerability where it loads plugins from an unsafe location, allowing attackers who already have low-level access to a system to gain higher privileges (privilege escalation, where an attacker gains elevated permissions to do things they normally couldn't). An attacker exploiting this flaw could run arbitrary code (any commands they choose) with the same permissions as the target user.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-2492","publishedAt":"2026-02-20T23:16:05.440Z","cveId":"CVE-2026-2492","cweIds":["CWE-427"],"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00016,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}