CVE-2021-41221: TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn
Summary
TensorFlow (an open source machine learning platform) has a vulnerability where shape inference code for certain operations can be tricked into accessing invalid memory through a heap buffer overflow (where a program writes data beyond the allocated memory space). This happens because the code doesn't verify that certain input parameters have the correct structure before using them.
Solution / Mitigation
The fix will be included in TensorFlow 2.7.0. The patch will also be backported (adapted and released) for TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4.
Vulnerability Details
7.8(high)
EPSS: 0.0%
Classification
Affected Vendors
Related Issues
CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne
CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi
Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-41221
First tracked: February 15, 2026 at 08:40 PM
Classified by LLM (prompt v3) · confidence: 95%