CVE-2026-27489 in onnxinformación

Resumen (Inglés)

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, a path traversal vulnerability via symlink allows to read arbitrary files outside model or user-provided directory. This issue has been patched in version 1.21.0.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsable

GitHub_M

Reservar

2026-02-19

Divulgación

2026-04-01

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadCWEExpConCVE
354741onnx recorrido de directorios23No está definidoArreglo oficialCVE-2026-27489

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!