AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2019-10844: nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environm

lowvulnerability

security

Source: NVD/CVE DatabaseApril 4, 2019CVE-2019-10844

Summary

CVE-2019-10844 is a vulnerability in Sony Neural Network Libraries (nnabla) through version v1.0.14 where the logger component relies on the HOME environment variable (a system setting that tells programs where a user's personal files are stored), which may be untrusted and could potentially be exploited. The vulnerability affects the libnnabla.a library file used in the software.

Vulnerability Details

CVSS Score

7.5

EPSS (30-day exploit probability)

EPSS: 0.4%

Classification

Attack SophisticationTrivial

Impact (CIA+S)

confidentiality

AI Component TargetedFramework

Affected Vendors

Original source: https://nvd.nist.gov/vuln/detail/CVE-2019-10844

First tracked: February 15, 2026 at 08:53 PM

Classified by LLM (prompt v3) · confidence: 75%