Security Control Bypass in Open Neural Network Exchange Affecting ONNX Versions
CVE-2026-28500
What is CVE-2026-28500?
The Open Neural Network Exchange (ONNX) has a vulnerability in its model-loading functionality in versions up to and including 1.20.1. The flaw lies in the repository trust verification mechanism of the onnx.hub.load() function. That check is intended to warn users of the risk of loading models from unofficial repositories; however, calling the function with silent=True suppresses the warning, so the security control can be bypassed without any notice to the user. This enables Zero-Interaction Supply-Chain Attacks: an attacker who combines this weakness with existing file-system vulnerabilities can covertly exfiltrate sensitive data (such as SSH keys and cloud credentials) from the victim's system as soon as a compromised model is loaded. As of now, no patches have been released to mitigate this vulnerability.
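As an added illustration (not from the advisory or the ONNX project), the wrapper below makes the repository trust decision outside the hub, so a silent=True flag cannot suppress it. The `owner/repo[:ref]` spec format follows the hub's documented convention; the allowlist, regex, and function names are assumptions of this example.

```python
"""Defender-side loader: enforce the repo trust check ourselves instead of
relying on the hub's interactive warning, which silent=True bypasses."""
import re
from typing import Optional, Tuple

# onnx.hub repo spec format: "owner/repo[:ref]" (hub default is "onnx/models:main").
_REPO_RE = re.compile(r"^([A-Za-z0-9_.-]+)/([A-Za-z0-9_.-]+)(?::(.+))?$")

# Allowlist of (owner, repo) pairs this deployment trusts (constructed for this
# example). Only the official model zoo is listed; extend it deliberately.
TRUSTED_REPOS = {("onnx", "models")}


def parse_repo_spec(spec: str) -> Tuple[str, str, str]:
    """Split 'owner/repo[:ref]' into its parts; ref defaults to 'main'."""
    m = _REPO_RE.match(spec.strip())
    if not m:
        raise ValueError(f"malformed repo spec: {spec!r}")
    owner, name, ref = m.groups()
    return owner, name, ref or "main"


def is_trusted_repo(spec: str, pinned_ref: Optional[str] = None) -> bool:
    """True only if owner/repo is allowlisted and, when a pin is given, the ref matches."""
    try:
        owner, name, ref = parse_repo_spec(spec)
    except ValueError:
        return False
    if (owner, name) not in TRUSTED_REPOS:
        return False
    return pinned_ref is None or ref == pinned_ref


def safe_hub_load(model: str, repo: str = "onnx/models:main",
                  pinned_ref: Optional[str] = None):
    """Load via onnx.hub only after an explicit, non-bypassable trust decision."""
    if not is_trusted_repo(repo, pinned_ref):
        raise PermissionError(f"refusing to load {model!r} from untrusted repo {repo!r}")
    import onnx.hub  # imported lazily so the policy check is testable without onnx installed
    # silent is left at its default (False): the hub's own warning stays active as a second layer.
    return onnx.hub.load(model, repo=repo)
```

Pinning `pinned_ref` to a specific commit SHA rather than a branch name keeps the trust decision tied to reviewed content, not to whatever the branch points at later.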

Affected Version(s)
onnx <= 1.20.1
