Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2026-1260
CVE-2026-1260
Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure.
Published Jan 23, 2026
https://github.com/advisories/GHSA-38vq-g6vr-w8wf
CVSS Score
High
7.8
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
pypi
sentencepiece
0.0.0
pypi
sentencepiece
0.0.1
pypi
sentencepiece
0.0.2
pypi
sentencepiece
0.0.3
pypi
sentencepiece
0.0.4
pypi
sentencepiece
0.0.5
pypi
sentencepiece
0.0.6
pypi
sentencepiece
0.0.7
pypi
sentencepiece
0.0.9
pypi
sentencepiece
0.1.0
pypi
sentencepiece
0.1.1
pypi
sentencepiece
0.1.2
pypi
sentencepiece
0.1.3
pypi
sentencepiece
0.1.4
pypi
sentencepiece
0.1.5
pypi
sentencepiece
0.1.6
pypi
sentencepiece
0.1.7
pypi
sentencepiece
0.1.81
pypi
sentencepiece
0.1.82
pypi
sentencepiece
0.1.83
pypi
sentencepiece
0.1.85
pypi
sentencepiece
0.1.86
pypi
sentencepiece
0.1.8
pypi
sentencepiece
0.1.90
pypi
sentencepiece
0.1.91
pypi
sentencepiece
0.1.92
pypi
sentencepiece
0.1.94
pypi
sentencepiece
0.1.95
pypi
sentencepiece
0.1.96
pypi
sentencepiece
0.1.97
pypi
sentencepiece
0.1.98
pypi
sentencepiece
0.1.99
pypi
sentencepiece
0.1.9
pypi
sentencepiece
0.2.0
1-34 of 34
CVE-2026-1260 | Components Impacted | Sonatype Guide | Sonatype Guide
