CVE-2026-50144 in ncnninfo

Summary

by MITRE • 07/15/2026

ncnn is a high-performance neural network inference framework optimized for the mobile platform. In commit e54f7b1f88434e1d844ea0551b880a1cfb079ce1 and earlier, ncnn allows an out-of-bounds heap write in ncnn::ParamDict::load_param() when Net::load_param() loads a malicious .param model file because the parsed parameter id is checked only against id >= NCNN_MAX_PARAM_COUNT, allowing a negative id to index before the params[NCNN_MAX_PARAM_COUNT] array. This vulnerability is fixed by commit 5a0288f255daa6c3294f77109f67718e434ec020.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 07/15/2026

The vulnerability in ncnn represents a critical heap-based buffer overflow condition that arises from insufficient input validation during parameter parsing within the neural network inference framework. This issue specifically manifests in the ncnn::ParamDict::load_param() function when processing malicious .param model files through Net::load_param() calls, creating a scenario where attackers can manipulate memory layout and potentially execute arbitrary code. The flaw occurs due to inadequate bounds checking on parameter identifiers, allowing negative indices to reference memory locations before the allocated params array boundary.

The technical root cause stems from improper validation of parsed parameter IDs within the parameter dictionary loading mechanism. When ncnn processes model files, it fails to validate that parameter IDs remain within acceptable positive ranges, specifically neglecting to check for negative values that could result in out-of-bounds heap writes. The vulnerability is particularly dangerous because it allows an attacker to write data to memory locations preceding the intended params[NCNN_MAX_PARAM_COUNT] array, effectively bypassing normal memory protection mechanisms and potentially corrupting adjacent heap allocations.

This heap overflow vulnerability directly impacts the operational security of applications utilizing ncnn for mobile neural network inference, as it can be exploited through maliciously crafted model files that an application might process without proper validation. The attack surface expands significantly in mobile environments where ncnn is optimized for performance but lacks robust input sanitization mechanisms. Given that ncnn is designed for mobile platforms with limited security controls, the exploitation of this vulnerability could lead to complete system compromise or denial of service conditions.

The fix implemented in commit 5a0288f255daa6c3294f77109f67718e434ec020 addresses the core validation issue by ensuring proper bounds checking on parameter IDs before array indexing operations. This remediation aligns with established security best practices for preventing buffer overflow conditions and demonstrates the importance of input validation in security-critical code paths. The solution follows principles similar to those recommended in CWE-129 and CWE-787, which address improper input validation leading to buffer overflows.

From an operational perspective, this vulnerability requires immediate attention from developers integrating ncnn into their applications, particularly those handling untrusted model files or operating in environments where adversaries might provide malicious inputs. The security implications extend beyond simple memory corruption as the vulnerability could enable privilege escalation attacks when combined with other exploitation techniques, making it a significant concern for mobile application security. Organizations should implement proper input validation and update to versions containing the fix while monitoring for potential exploitation attempts targeting this specific vulnerability class.

Responsible

GitHub M

Reservation

06/03/2026

Disclosure

07/15/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Do you know our Splunk app?

Download it now for free!