CVE-2026-14647
ONNX Runtime (onnxruntime) up to 1.21.x is affected by CVE-2026-14647 due to a weakness in convPoolShapeInference_opset19 in ONNX’s old.cc (onnx/defs/nn). The root cause is an out-of-bounds read introduced in this path, enabling remote exploitation. Public exploits exist per the description. Reme...