CVE-2023-25671: TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type
highvulnerability
security
Summary
TensorFlow (an open source platform for machine learning) has a vulnerability called out-of-bounds access (a bug where code tries to read or write data outside the memory area it should access), caused by mismatched integer type sizes (using different number formats where the same one was expected). The issue can be fixed by updating to TensorFlow version 2.12.0 or 2.11.1.
Solution / Mitigation
A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
Vulnerability Details
CVSS Score
7.5(high)
EPSS (30-day exploit probability)
EPSS: 0.3%
Classification
Attack SophisticationModerate
Impact (CIA+S)
integrityavailability
AI Component TargetedFramework
Affected Vendors
Google
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2023-25671
First tracked: February 15, 2026 at 08:42 PM
Classified by LLM (prompt v3) · confidence: 95%