Sentencepiece
Monthly
Memory-corruption in Google's SentencePiece tokenizer library (all versions before 0.2.1) lets a maliciously crafted model file trigger an invalid memory access (CWE-119) when the file is loaded, potentially leading to crashes or arbitrary code execution in the host process. Exploitation requires a victim to load an attacker-supplied model that was deliberately built outside the normal training pipeline, so it is not remotely triggerable on its own. No public exploit identified at time of analysis, and EPSS is 0.00%, but the flaw was reported by Google and is patched in v0.2.1.
Memory-corruption in Google's SentencePiece tokenizer library (all versions before 0.2.1) lets a maliciously crafted model file trigger an invalid memory access (CWE-119) when the file is loaded, potentially leading to crashes or arbitrary code execution in the host process. Exploitation requires a victim to load an attacker-supplied model that was deliberately built outside the normal training pipeline, so it is not remotely triggerable on its own. No public exploit identified at time of analysis, and EPSS is 0.00%, but the flaw was reported by Google and is patched in v0.2.1.