Improperly Controlled Modification of Dynamically-Determined Object Attributes in onnx - CVE-2026-34445


Published: April 27, 2026


Vulnerability identifier: #VU128169
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2026-34445
CWE-ID: CWE-915
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Open Neural Network Exchange
Affected software:
onnx

Detailed vulnerability description

The vulnerability allows a remote attacker to cause a denial of service and disclose sensitive information.

The vulnerability exists due to improperly controlled modification of dynamically-determined object attributes in the ExternalDataInfo class when loading metadata from an ONNX model file. A remote attacker can supply a specially crafted model file to cause a denial of service and disclose sensitive information.

Because the attribute names are taken from the model's own metadata, a crafted file can overwrite object properties such as length or offset, and injected dunder attributes can corrupt the object's state.
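The following is an added illustration of the CWE-915 pattern this advisory describes; it is not the onnx project's own code. It sets attributes from untrusted key/value metadata the way a vulnerable loader would, next to a hardened loader that only accepts a fixed set of keys and validates the numeric fields. The entries stand in for the key/value pairs of a tensor's external_data field and are constructed here so the example runs offline; the class names, the list of recognised keys and the helper names are assumptions.

```python
"""Added example, not onnx's code: mass assignment of object attributes from
model-controlled metadata (CWE-915) versus an allow-listed loader.

The (key, value) tuples below are constructed stand-ins for the entries an ONNX
TensorProto carries in its external_data field; they are not read from a file.
"""
from typing import Iterable, Optional, Tuple

Entry = Tuple[str, str]

# Keys a loader legitimately needs from the metadata (assumed set, for the demo).
ALLOWED_KEYS = frozenset({"location", "offset", "length", "checksum"})


class UnsafeExternalDataInfo:
    """Hypothetical reconstruction of the vulnerable pattern: every key found in
    the model-controlled metadata becomes an attribute name on this object."""

    def __init__(self, entries: Iterable[Entry]) -> None:
        self.location = ""
        self.offset: Optional[int] = None
        self.length: Optional[int] = None
        self.checksum = ""
        for key, value in entries:
            # The model file chooses the attribute name: a repeated "offset" key
            # silently overwrites the earlier value, an unknown key adds state the
            # loader never expected, and a dunder key such as "__class__" makes
            # setattr raise TypeError, which unwinds the load (denial of service).
            setattr(self, key, value)
        if self.offset:
            self.offset = int(self.offset)
        if self.length:
            self.length = int(self.length)


class SafeExternalDataInfo:
    """Hardened loader: only recognised keys, each at most once, numeric fields
    parsed and range-checked before they are stored."""

    def __init__(self, entries: Iterable[Entry]) -> None:
        self.location = ""
        self.offset: Optional[int] = None
        self.length: Optional[int] = None
        self.checksum = ""
        seen = set()
        for key, value in entries:
            if key not in ALLOWED_KEYS:
                raise ValueError(f"unexpected external_data key {key!r}")
            if key in seen:
                raise ValueError(f"duplicate external_data key {key!r}")
            seen.add(key)
            if key in ("offset", "length"):
                value = _parse_non_negative_int(key, value)
            setattr(self, key, value)
        if not self.location:
            raise ValueError("external_data entry has no location")


def _parse_non_negative_int(key: str, value: str) -> int:
    """Reject non-integer and negative values instead of storing them."""
    try:
        number = int(value)
    except ValueError:
        raise ValueError(f"{key} is not an integer: {value!r}") from None
    if number < 0:
        raise ValueError(f"{key} must be non-negative, got {number}")
    return number


def load(cls, entries: Iterable[Entry]):
    """Run one loader and return ("ok", info) or ("error", exception name),
    so the two loaders can be compared on the same crafted input."""
    try:
        return "ok", cls(list(entries))
    except (ValueError, TypeError) as exc:
        return "error", type(exc).__name__


# Constructed inputs: one benign entry list and four crafted ones.
BENIGN = [("location", "weights.bin"), ("offset", "0"), ("length", "1024")]
DUPLICATE_OFFSET = BENIGN + [("offset", "999999")]
NEGATIVE_OFFSET = [("location", "weights.bin"), ("offset", "-8"), ("length", "16")]
UNKNOWN_KEY = BENIGN + [("checksum_verified", "True")]
DUNDER_KEY = BENIGN + [("__class__", "str")]

if __name__ == "__main__":
    cases = [("benign", BENIGN), ("duplicate offset", DUPLICATE_OFFSET),
             ("negative offset", NEGATIVE_OFFSET), ("unknown key", UNKNOWN_KEY),
             ("dunder key", DUNDER_KEY)]
    for name, entries in cases:
        unsafe = load(UnsafeExternalDataInfo, entries)
        safe = load(SafeExternalDataInfo, entries)
        print(f"{name:17} unsafe={unsafe[0]:5} safe={safe[0]}")
```

The unsafe loader accepts the duplicate, negative and unknown-key inputs without complaint and only fails on the dunder key, and then only with an unhandled TypeError; the hardened loader rejects all four crafted inputs with a ValueError the caller can report, and still loads the benign entry list.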


How to mitigate CVE-2026-34445

Install the security update from the vendor's website.
