CVE-2025-0649: Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbound
Summary
CVE-2025-0649 is a bug in Google's TensorFlow Serving (a tool that runs machine learning models as a service) versions up to 2.18.0 where incorrect handling of JSON input can cause unbounded recursion (a program calling itself repeatedly without stopping), leading to server crashes. This vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 8.9, indicating high severity. The issue relates to out-of-bounds writes (writing data to unintended memory locations) and stack-based buffer overflow (overflowing a memory region meant for temporary data).
Solution / Mitigation
A patch is available at https://github.com/tensorflow/serving/commit/6cb013167d13f2ed3930aabb86dbc2c8c53f5adf (identified by Google Inc. as the official patch for this vulnerability).
Vulnerability Details
7.5(high)
EPSS: 0.1%
Classification
Affected Vendors
Related Issues
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
CVE-2021-29541: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null p
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-0649
First tracked: February 15, 2026 at 08:42 PM
Classified by LLM (prompt v3) · confidence: 92%