CVE-2025-71001

Severity CVSS v4.0:
Pending analysis
Type:
CWE-125 Out-of-bounds Read
Publication date:
28/01/2026
Last modified:
03/02/2026

Description

A segmentation violation in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:oneflow:oneflow:0.9.0:*:*:*:*:*:*:*