{"data":{"id":"f3494495-d03d-4698-aa21-2ced6fe14d3f","title":"CVE-2026-50144: ncnn is a high-performance neural network inference framework optimized for the mobile platform. In commit e54f7b1f88434","summary":"ncnn is a framework that runs AI neural networks efficiently on mobile devices. A vulnerability exists where loading a malicious model file can cause an out-of-bounds heap write (writing data to memory locations outside the intended array), because the code only checks if a parameter ID is too large, but doesn't prevent negative IDs from accessing memory before the array.","solution":"This vulnerability is fixed by commit 5a0288f255daa6c3294f77109f67718e434ec020.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-50144","publishedAt":"2026-07-15T20:17:13.500Z","cveId":"CVE-2026-50144","cweIds":["CWE-20","CWE-129","CWE-787"],"cvssScore":"7.1","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["ncnn"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H","attackVector":"local","attackComplexity":"low","privilegesRequired":"none","userInteraction":"required","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-07-15T20:17:13.500Z","capecIds":["CAPEC-100"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}