216.73.216.242

CVE-2026-11329

· Published 05/06/2026 13:16 · Modified 05/06/2026 13:26

Labels: CVE-2026-11329 2026-06-05CVE-2026-11329CWE-327[email protected]

Essential information

Published
05/06/2026 13:16
Modified
05/06/2026 13:26
Author
Creator
CVSS
2.0 LOW (v3) 2.0 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0. Affected by this issue is the function generate_hash_key of the file src/Runtime/python/torch_onnxmlir/src/torch_onnxmlir/backend.py of the component Placeholder Node Cache Handler. Such manipulation leads to use of weak hash. An attack has to be approached locally. A high complexity level is associated with this attack. The exploitation is known to be difficult. The name of the patch is 72c5187ff6d13c2c2b3d3789b8f5faf99f08a5b4. Applying a patch is advised to resolve this issue.

NVD status

Status
Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
onnx / onnx-mlir cpe:2.3:a:onnx:onnx-mlir:*:*:*:*:*:*:*:*

References