onnx / onnx
Project repository
Open standard for machine learning interoperability
First interaction within: N/A days
Review within: 12 days
Fix within: N/A days
Uncontrolled recursion in ONNX text parser (Parse(TypeProto&)) causes stack-over...
May 26th 2026
vkehs58-oss
•
self closed
Regular Expression Denial of Service (ReDoS) in RegexFullMatch Operator
May 25th 2026
abdugafforov-bobur
•
self closed
ONNX checker accepts tensors with data shorter than declared dimensions, leading...
May 20th 2026
usernamebiasa
•
self closed
Recursive Stack Exhaustion in ONNX numpy_helper via Deeply Nested Sequences
May 22nd 2026
galanzi2580-wq
•
self closed
Denial of Service via Unbounded Memory Allocation in Sub-byte Packed Types
May 14th 2026
surrealgrain
•
self closed
Integer overflow in sparse tensor dimension product bypasses bounds validation i...
Apr 26th 2026
bersechub
•
self closed
Unchecked integer arithmetic in ParseData causes DoS and silent shape truncation...
Apr 25th 2026
jd-admrl-ai
•
self closed
Arbitrary file overwrite in onnx.model_container.ModelContainer.save() via symli...
Apr 10th 2026
9to5ai
•
self closed
CWE-190: Integer Overflow in Dimension Multiplication Helpers Affects Flatten, T...
Apr 4th 2026
marchantdev
•
self closed
Integer Overflow in Reshape Shape Inference Produces Incorrect Dimensions (CWE-1...
Apr 4th 2026
marchantdev
•
self closed
Path traversal safety check bypass in _tar_members_filter() due to unsafe starts...
Mar 16th 2026
elucidator-hky
•
self closed
ONNX Path Traversal via startswith Prefix Collision. Sorry its supposed to be M...
Mar 12th 2026
williamzero9
•
self closed
Multiple Path Traversal Bypasses in ONNX: external_data symlink escape and tar e...
Mar 3rd 2026
4ur0n
•
duplicate
High
Null Pointer Dereference in OneHot Shape Inference
May 31st 2026
sn1r
•
pending
Integer Overflow in onnx::ParseData leading to Denial of Service
Mar 1st 2026
sn1r
•
self closed
Out-of-bounds Heap Read in ONNX Version Converter Adapters
May 30th 2026
sn1r
•
duplicate
High
Unlimited Graph Nesting Depth in Visitor Pattern Enables Stack Overflow DoS via...
May 30th 2026
k2ito
•
pending
Integer Overflow in Dense Tensor Dimension Multiplication Bypasses Checker Valid...
May 30th 2026
k2ito
•
duplicate
Critical
Integer Overflow in Model Checker Tensor Validation Allows Malformed Models to P...
May 29th 2026
avienma007
•
duplicate
High
Path Traversal in convert_model_to_external_data
Feb 27th 2026
kai-agent
•
duplicate
High
Integer Overflow in ParseData Tensor Dimension Calculation Leading to Validation...
May 28th 2026
avienma007
•
duplicate
High
Remote Code Execution and Repository Compromise via `pull_request_target` Workfl...
May 27th 2026
zitoxxx
•
pending
Signed Integer Overflow in Sparse Tensor Bounds Check Allows Index Validation By...
May 25th 2026
zeroxjacks
•
duplicate
Medium
Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load
Feb 24th 2026
zeroxjacks
•
duplicate
Medium
UNC Path Injection for NTLM Hash Theft
May 25th 2026
rezaduty
•
pending
Attribute Injection via setattr()
May 25th 2026
rezaduty
•
pending
Hub Path Traversal via Manifest
Feb 24th 2026
rezaduty
•
duplicate
Medium
Uncontrolled Resource Consumption and Stack Exhaustion via Crafted ONNX Models
May 25th 2026
hyperps
•
pending
[CWE-22] Path Traversal in _tar_members_filter Bypasses CVE-2024-5187 Fix
May 24th 2026
vnykmshr
•
duplicate
Low
Arbitrary File Read via ExternalData Hardlink Bypass in onnx.load
Feb 22nd 2026
zeroxjacks
•
duplicate
Medium
Object State Corruption and Denial of Service via Unrestricted setattr() in Exte...
May 23rd 2026
zeroxjacks
•
duplicate
High
Signed Integer Overflow in Sparse Tensor Bounds Check allowing Validation Bypass...
May 23rd 2026
zeroxjacks
•
duplicate
High
Security Control Bypass in onnx.hub.load via silent=True leading to Silent Suppl...
May 23rd 2026
zeroxjacks
•
pending
Directory Traversal via startswith() Bypass in _tar_members_filter
May 22nd 2026
optimus-fulcria
•
pending
Integer Overflow in Tensor Size Validation Bypasses Data Consistency Check in Pa...
May 20th 2026
shima-coder
•
duplicate
High
Memory Exhaustion DoS via Unvalidated External Data Parameters in onnx.load() (C...
May 20th 2026
shima-coder
•
duplicate
Medium
Arbitrary Attribute Injection via setattr in ExternalDataInfo
May 19th 2026
loris4py
•
pending
Multiple Critical Denial-of-Service (DoS) and Logic Errors in ONNX Shape Inferen...
May 18th 2026
alielgendy-software
•
pending
Segmentation Fault (SIGSEGV) in version_converter.convert_version() via Crafted...
May 18th 2026
baguette168
•
pending
Integer Overflow in Tensor Dimension Validation Allows Checker Bypass
May 16th 2026
hallenee
•
duplicate
High
Buffer Over-read in Conv Shape Inference via Tensor Rank Mismatch
May 16th 2026
alielgendy-software
•
pending
Arbitrary File Write via Symlink Bypass in save_external_data
Feb 16th 2026
alielgendy-software
•
duplicate
High
ONNX Path Validation Bypass in External Data Loading
Feb 22nd 2026
alielgendy-software
•
duplicate
Medium
Arbitrary Code Execution via Insecure Model Deserialization in ONNX
May 12th 2026
sebas5207418
•
pending
ONNX external_data_helper Arbitrary File Write via Path Traversal
Feb 1st 2026
mia-718ai
•
duplicate
High
Heap Buffer Over-read in ONNX Version Converter AxesInputToAttribute Adapter Due...
May 2nd 2026
mia-718ai
•
pending
Path Traversal in save_external_data Allows Arbitrary File Write via Crafted ONN...
Feb 1st 2026
jhacksman
•
duplicate
Medium
Heap Buffer Overflow in ParseData() via Integer Division Truncation
Jan 30th 2026
spamblue890-oss
•
duplicate
High
Arbitrary File Read via Symlink Following in External Data Loading
Feb 1st 2026
nikshacks
•
duplicate
Medium
Path Traversal in ONNX Hub Manifest Allows Arbitrary File Write
Jan 18th 2026
alan-tiger
•
duplicate
High
Unsafe raw_data Handling in Tensor::data<T>() Allows Out-of-Bounds Access via Ma...
Jan 18th 2026
hyperps
•
self closed
Signed Integer Overflow in ONNX Model Checker via Malicious Tensor Dimensions
Apr 18th 2026
hyperps
•
pending
No symlinks bypass in external data validation allowing arbitrary file read via...
Feb 1st 2026
f00dat
•
duplicate
High
Denial of Service in ONNX Runtime via Unbounded Memory Allocation during Expand...
Mar 27th 2026
aldorizona10-glitch
•
pending
Stack Overflow DoS via Unbounded Recursion in ONNX Model Processing
Mar 22nd 2026
vitalysim
•
pending
Heap overflow
Dec 25th 2025
shemshallah
•
pending
ONNX Runtime does not validate dimensional consistency of tensors i
Dec 25th 2025
shemshallah
•
pending
Unsafe use of PyTorch torch.load() in ONNX can lead to Arbitrary Code Execution...
Apr 1st 2026
ko7-dev
•
self closed
ONNX Path Traversal
Oct 24th 2025
elexs1zz
•
pending
Command Injection
Jun 24th 2025
loaymorad
•
pending
Exploit ONNX Net Drawer via doc_string injection
May 20th 2025
meme-dm
•
pending
Arbitrary File Overwrite in save_external_data
Apr 16th 2025
michealkeines
•
pending
File Creation Vulnerability with Potential Race Condition
Apr 14th 2025
hope4real
•
pending
Lack of Error Handling for Malformed Input in ONNX Model/Node Check
Apr 11th 2025
tugar2003
•
pending
Arbitrary File Overwrite in onnx/backend/test/runner/download_model in onnx/onnx
Oct 9th 2024
arashimu
•
High • $750 • CVE-2024-7776
RCE via Documentation Updates
Jun 17th 2024
avivkeller
•
informative
Critical
Arbitrary File Overwrite in download_model_with_test_data
May 23rd 2024
sunrisexu
•
High • $750 • CVE-2024-5187
[https://github.com/onnx/onnx] Source repository compromise via GitHub actions w...
Feb 13th 2024
arunstar
•
informative
Critical
CRITICAL: $1500
HIGH: $750
MEDIUM: $125
LOW: $20