Google TensorFlow, an end-to-end open source machine learning platform, is vulnerable to arbitrary code execution in versions prior to Google TensorFlow 2.6.0. The vulnerability stems from YAML deserialization. An attacker could exploit this vulnerability to execute arbitrary code.