Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 2:56 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security control bypass in ONNX [CVE-2026-28500]

Summary IBM Watson Speech Services Cartridge is vulnerable to a security control bypass in onnx.hub.load due to improper logic in the repository trust verification mechanismCVE-2026-28500. ONNX is used in our speech runtimes. This vulnerabilitiy has been addressed. Please read the details for...

9.1CVSS5.6AI score0.00318EPSS
Exploits0Affected Software1
Wolfi
Wolfi
added 2026/04/04 1:55 a.m.7 views

CVE-2026-28500 vulnerabilities

Vulnerabilities for packages: py3-onnx...

9.1CVSS5.9AI score0.00318EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/04 1:17 a.m.4 views

CVE-2026-28500 vulnerabilities

Vulnerabilities for packages: nemo, py3-onnx...

9.1CVSS7.3AI score0.00318EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/18 2:16 a.m.8 views

a2 (>=0.10.7 <=0.10.13), aad2onnx (=0.1.4) +1431 more potentially affected by CVE-2026-28500 via onnx (>=0.2.0 <=1.21.0)

onnx PYPI version =0.2.0, =0.10.7, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.4.4, =0.1.0, =0.0.0, =0.1.0, =0.3.0 and more Source cves: CVE-2026-28500 Source advisory: OSV:PYSEC-2026-103...

9.1CVSS7.6AI score0.00318EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/03/18 12:0 a.m.2 views

CVE-2026-28500

Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...

9.1CVSS5.9AI score0.00318EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/03/16 4:23 p.m.4 views

a2 (>=0.10.7 <=0.10.13), aad2onnx (=0.1.4) +1431 more potentially affected by CVE-2026-28500 via onnx (>=0.2.0 <=1.21.0)

onnx PYPI version =0.2.0, =0.10.7, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.4.4, =0.1.0, =0.0.0, =0.1.0, =0.3.0 and more Source cves: CVE-2026-28500 Source advisory: OSV:GHSA-HQMJ-H5C6-369M...

9.1CVSS7.6AI score0.00318EPSS
Exploits0
Rows per page
Query Builder