Arbitrary Attribute Overwrite in Open Neural Network Exchange (ONNX)
CVE-2026-34445

8.6HIGH

Key Information:

Vendor

Onnx

Status
Onnx
Vendor
CVE Published:
1 April 2026

What is CVE-2026-34445?

The ExternalDataInfo class in Open Neural Network Exchange (ONNX) enabled loading of metadata directly from ONNX model files without validating the 'keys' present. This oversight allowed attackers to craft malicious models capable of overwriting internal object properties, potentially compromising the integrity of machine learning applications. This vulnerability has been addressed in version 1.21.0, which enhances metadata handling to prevent such arbitrary attribute overwrites.

Affected Version(s)

onnx < 1.21.0

References

https://github.com/onnx/onnx/security/advisories/GHSA-538...
x_refsource_CONFIRM
https://github.com/onnx/onnx/pull/7751
x_refsource_MISC
https://github.com/onnx/onnx/commit/e30c6935d67cc3eca2fa2...
x_refsource_MISC

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.