Live data from GitHub and PyPI, updated daily.
Data last fetched: 2026-06-29
10 active CVEs reported via OSV.dev
onnx Vulnerable to Path Traversal via Symlink
ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings.
onnx allows Arbitrary File Overwrite in download_model_with_test_data
ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load
Directory Traversal in onnx
Open Neural Network Exchange (ONNX) Path Traversal Vulnerability
Onnx Out-of-bounds Read vulnerability
ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack
ONNX: External Data Symlink Traversal
ONNX: TOCTOU arbitrary file read/write in save_external_dat
Other Machine Learning projects in the Python ecosystem worth evaluating.
Get SLA-backed support, security patches, and direct access to senior engineers for ONNX — without relying on volunteer maintainers.