{"data":{"id":"b7cf06eb-9a84-4f39-a8b9-744a21505d3b","title":"GHSA-hqmj-h5c6-369m: ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack","summary":"ONNX's onnx.hub.load() function has a security flaw where the silent=True parameter completely disables warnings and user confirmations when loading models from untrusted repositories (sources not officially verified). This means an attacker could trick an application into silently downloading and running malicious models from their own GitHub repository without the user knowing, potentially allowing theft of sensitive files like SSH keys or cloud credentials.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-hqmj-h5c6-369m","publishedAt":"2026-03-16T16:23:28.000Z","cveId":"CVE-2026-28500","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["onnx@<= 1.20.1"],"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["ONNX"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-03-16T16:23:28.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":["AML.T0010"]}}