High severityOSV Advisory· Published Jan 22, 2026· Updated Jan 22, 2026
Invalid Memory Access in Sentencepiece,
CVE-2026-1260
Description
Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
sentencepiecePyPI | < 0.2.1 | 0.2.1 |
Affected products
3- Range: 0.2.1pre1, v0.1.4, v0.1.5, …
- osv-coords2 versions
< 3.3.7-r6+ 1 more
- (no CPE)range: < 3.3.7-r6
- (no CPE)range: < 0.2.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.