CVE-2026-44512
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
08/07/2026
Last modified:
09/07/2026
Description
Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. From 1.9.0 before 1.22.0, onnx.version_converter.convert_version() can dereference a null pointer in Upsample_6_7::adapt_upsample_6_7() in onnx/version_converter/adapters/upsample_6_7.h when processing an untrusted model with an Upsample node that has zero inputs, causing an unrecoverable denial of service. This issue is fixed in version 1.22.0.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
References to Advisories, Solutions, and Tools
- https://github.com/onnx/onnx/commit/cd310408165ad47c3cd7eb2b86cb5b80aa2e4fdf
- https://github.com/onnx/onnx/pull/7813
- https://github.com/onnx/onnx/releases/tag/v1.22.0
- https://github.com/onnx/onnx/security/advisories/GHSA-hwpq-hmq9-wj77
- https://github.com/onnx/onnx/security/advisories/GHSA-hwpq-hmq9-wj77



