AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2018-7576: Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-depen

mediumvulnerability

security

Source: NVD/CVE DatabaseApril 23, 2019CVE-2018-7576

Summary

Google TensorFlow version 1.6.x and earlier contains a null pointer dereference vulnerability (a type of bug where software tries to access memory that doesn't exist, causing it to crash or behave unexpectedly). The vulnerability's impact depends on the specific context in which TensorFlow is being used.

Vulnerability Details

CVSS Score

4.3

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationModerate

Impact (CIA+S)

availabilityintegrity

AI Component TargetedFramework

Taxonomy References

CWE (Weakness Type)

CWE-476

Affected Vendors

Original source: https://nvd.nist.gov/vuln/detail/CVE-2018-7576

First tracked: February 15, 2026 at 08:38 PM

Classified by LLM (prompt v3) · confidence: 92%