AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-34445: Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0,

highvulnerability

security

Source: NVD/CVE DatabaseApril 1, 2026CVE-2026-34445

Summary

ONNX (Open Neural Network Exchange, a standard format for sharing machine learning models) had a vulnerability in versions before 1.21.0 where it didn't properly validate data loaded from model files, allowing an attacker to craft a malicious model that could overwrite internal object properties. An attacker could exploit this by embedding specially crafted metadata (like file paths) into an ONNX model file that would be processed without proper checks.

Solution / Mitigation

Update ONNX to version 1.21.0 or later, where this issue has been patched.

Vulnerability Details

CVSS Score

8.6(high)

EPSS (30-day exploit probability)

EPSS: 0.0%

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Attack Vector

network

Attack Complexity

low

Privileges Required

none

User Interaction

none

Disclosure Date

April 1, 2026

Classification

Attack Type

Model Poisoning

Attack SophisticationModerate

Impact (CIA+S)

integrity

AI Component TargetedModel

Taxonomy References

CWE (Weakness Type)

CWE-20 CWE-400 CWE-915

CAPEC (Attack Pattern)

CAPEC-125

Affected Vendors

Related Issues

high

CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling

Similar attackNVD/CVE Database

info

Model Stability Defense Against Model Poisoning in Federated Learning

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-34445

First tracked: April 1, 2026 at 08:08 PM

Classified by LLM (prompt v3) · confidence: 92%