Samsung Open Source ONE EUVD-2026-24626

| CVE-2026-41667 MEDIUM

Integer Overflow or Wraparound (CWE-190)

2026-04-22 samsung.tv_appliance

GHSA-68gc-c9cv-7m2c

Buffer Overflow Integer Overflow Samsung

6.6

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 22, 2026 - 06:49 vuln.today

DescriptionNVD

Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0.

AnalysisAI

Integer overflow in constant tensor data size calculation in Samsung Open Source ONE prior to version 1.30.0 allows local attackers with user interaction to cause incorrect buffer sizing for large constant nodes, leading to buffer overflow conditions that may result in information disclosure or denial of service. The vulnerability requires local access and user interaction but can trigger high-severity memory corruption due to incorrect buffer allocation for tensors exceeding integer size limits.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-24626 vulnerability details – vuln.today

Back