CVE-2026-28500

EPSS 0.01%
Veröffentlicht 18.03.2026 01:15:07
Zuletzt bearbeitet 18.03.2026 19:47:59
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load() due to improper logic in the repository trust verification mechanism. While the function is designed to warn users when loading models from non-official sources, the use of the silent=True parameter completely suppresses all security warnings and confirmation prompts. This vulnerability transforms a standard model-loading function into a vector for Zero-Interaction Supply-Chain Attacks. When chained with file-system vulnerabilities, an attacker can silently exfiltrate sensitive files (SSH keys, cloud credentials) from the victim's machine the moment the model is loaded. As of time of publication, no known patched versions are available.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 3 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linuxfoundation ≫ Onnx Version <= 1.20.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.006

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
security-advisories@github.com	8.6	3.9	4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-345 Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

CWE-494 Download of Code Without Integrity Check

The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

https://github.com/onnx/onnx/security/advisories/GHSA-hqmj-h5c6-369m

Vendor Advisory

https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-28500.md

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-28500

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-28500

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-28500

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-28500