All 8 CVE vulnerabilities found in onnx, with AI-generated Chinese analysis, references, and POCs.
Vendor: n/a
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34447 | ONNX: External Data Symlink Traversal CWE-61 | 5.5 | Medium | 2026-04-01 |
| CVE-2026-34446 | ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load CWE-22 | 4.7 | Medium | 2026-04-01 |
| CVE-2026-27489 | ONNX: Path Traversal via Symlink CWE-23 | 5.5AI | MediumAI | 2026-04-01 |
| CVE-2026-34445 | ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings. CWE-20 | 8.6 | High | 2026-04-01 |
| CVE-2026-28500 | ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack CWE-345 | 8.6 | High | 2026-03-18 |
| CVE-2024-27319 | Open Neural Network Exchange 缓冲区错误漏洞 CWE-125 | 4.4 | Medium | 2024-02-23 |
| CVE-2024-27318 | Open Neural Network Exchange 安全漏洞 CWE-22 | 7.5 | High | 2024-02-23 |
| CVE-2022-25882 | Open Neural Network Exchange 路径遍历漏洞 CWE-22 | 7.5 | High | 2023-01-25 |
All 8 known CVE vulnerabilities affecting onnx with full Chinese analysis, references, and POCs where available.