Weak Hash Vulnerability in onnx-mlir from ONNX
CVE-2026-11329
2LOW
What is CVE-2026-11329?
A vulnerability exists in the onnx-mlir component of the ONNX framework, specifically within the generate_hash_key function of the Placeholder Node Cache Handler. This flaw allows potential attackers to exploit weak hashing methods, which could lead to cache collisions. Notably, the exploitation requires local access and is characterized by its high complexity, making it challenging to execute. It is imperative for users to apply the recommended patch (commit ID: 72c5187ff6d13c2c2b3d3789b8f5faf99f08a5b4) to mitigate the risks associated with this vulnerability.
Affected Version(s)
onnx-mlir 0.5.0
