GHSA-q56x-g2fj-4rj6: ONNX: TOCTOU arbitrary file read/write in save_external_data
Summary
ONNX's `save_external_data` method contains a TOCTOU vulnerability (time-of-check-to-time-of-use: a gap between checking whether a file exists and then using it) that allows attackers to overwrite arbitrary files by creating a symlink (a shortcut to another file) at the checked path between those two operations. The code also has a potential path validation bypass on Windows that may allow absolute paths to be used.
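To make the two weaknesses in the summary concrete, here is an added example that is not code from the ONNX project or from the advisory: a constructed check-then-use writer showing where the race window sits, next to a hardened variant that validates the relative path under both POSIX and Windows rules (so a Windows absolute path is rejected even when the check runs on Linux) and creates the output file atomically with `O_EXCL` and `O_NOFOLLOW`. The function names, the `demo()` scenario and the sample file contents are all assumptions made for this illustration.

```python
import ntpath
import os
import posixpath
import tempfile


def is_safe_relative_path(location: str) -> bool:
    """Accept only a relative path with no '..' component.

    Both posixpath and ntpath are consulted so that a Windows absolute path
    ('C:\\x', '\\\\server\\share') or a drive-relative one ('C:x') is rejected
    even when the validator itself runs on Linux.
    """
    if not location or posixpath.isabs(location) or ntpath.isabs(location):
        return False
    if ntpath.splitdrive(location)[0]:  # 'C:foo' is relative to the drive's cwd, not ours
        return False
    parts = location.replace("\\", "/").split("/")
    return ".." not in parts


def unsafe_write(base_dir: str, location: str, data: bytes) -> str:
    """Check-then-use pattern (constructed for illustration, not ONNX's code).

    Between os.path.exists() and open() another process can place a symlink at
    `path`; open(..., "wb") then follows it and truncates the link target.
    """
    path = os.path.join(base_dir, location)
    if os.path.exists(path):
        raise FileExistsError(path)
    # --- race window: nothing prevents `path` from becoming a symlink here ---
    with open(path, "wb") as f:
        f.write(data)
    return path


def safe_write(base_dir: str, location: str, data: bytes) -> str:
    """Validate the relative path, then create the file atomically.

    O_EXCL makes creation fail if anything already exists at `path`, including
    a symlink (dangling or not), so there is no separate check to race against.
    O_NOFOLLOW additionally refuses a symlink at the last component on platforms
    that define it (Windows does not). A symlinked *intermediate* directory is
    not covered here; that needs dir_fd-relative opens.
    """
    if not is_safe_relative_path(location):
        raise ValueError(f"refusing absolute or traversing path: {location!r}")
    base_real = os.path.realpath(base_dir)
    path = os.path.normpath(os.path.join(base_real, location))
    if os.path.commonpath([base_real, path]) != base_real:
        raise ValueError(f"path escapes base directory: {location!r}")
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o644)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path


def demo() -> dict:
    """Constructed scenario: a symlink is already planted in the output
    directory (the state the race is meant to reach). Returns whether the
    hardened writer refused it, what the link target contains afterwards,
    and the bytes of a legitimate write."""
    with tempfile.TemporaryDirectory() as tmp:
        victim = os.path.join(tmp, "victim.txt")
        with open(victim, "wb") as f:
            f.write(b"original")
        out = os.path.join(tmp, "out")
        os.mkdir(out)
        os.symlink(victim, os.path.join(out, "weights.bin"))

        refused = False
        try:
            safe_write(out, "weights.bin", b"replaced")
        except OSError:
            refused = True  # O_EXCL / O_NOFOLLOW rejected the planted symlink

        written_path = safe_write(out, "part0.bin", b"abc")
        with open(written_path, "rb") as f:
            written = f.read()
        with open(victim, "rb") as f:
            victim_after = f.read()
    return {"safe_refused_symlink": refused, "victim_after": victim_after, "written": written}


if __name__ == "__main__":
    print(demo())
```

The point of `safe_write` is that the existence check and the creation are one system call, so there is no interval for a symlink to appear in; the separate path validator is what closes the Windows absolute-path gap, since `posixpath.isabs` alone would pass `C:\...` and UNC paths on a non-Windows host.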
Classification
Affected Vendors
Affected Packages
Related Issues
Original source: https://github.com/advisories/GHSA-q56x-g2fj-4rj6
First tracked: April 1, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 85%