CVE-2026-34447

Published April 1st, 2026

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, there is a symlink traversal vulnerability in external data loading allows reading files outside the model directory. This issue has been patched in version 1.21.0.

onnx/onnx

Open standard for machine learning interoperability

GitHub

21K