NULL pointer dereference in onnx - CVE-2026-44512
Published: July 3, 2026
onnx
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a null pointer dereference in Upsample_6_7::adapt_upsample_6_7() when processing a crafted model with an Upsample node that has zero inputs during version conversion. A remote attacker can trick the victim into opening a crafted model to cause a denial of service.
Debug builds abort with an assertion failure, while release builds crash with SIGSEGV.