CVE-2018-10055: Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 cou
mediumvulnerability
security
Summary
CVE-2018-10055 is a vulnerability in TensorFlow (a machine learning framework) versions before 1.7.1 where the XLA compiler (a tool that optimizes machine learning code) has a memory access bug that could crash the program or allow reading data from other parts of the computer's memory when processing a specially crafted configuration file.
Vulnerability Details
CVSS Score
5.8
EPSS (30-day exploit probability)
EPSS: 0.2%
Classification
Attack SophisticationModerate
Impact (CIA+S)
confidentialityavailability
AI Component TargetedFramework
Affected Vendors
Google
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2018-10055
First tracked: February 15, 2026 at 08:38 PM
Classified by LLM (prompt v3) · confidence: 92%