CVE-2026-34446: ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load

April 1, 2026

The issue is in onnx.load — the code checks for symlinks to prevent path traversal, but completely misses hardlinks, which is the problem, since a hardlink looks exactly like a regular file on the filesystem.

References

github.com/advisories/GHSA-cmw6-hcpp-c6jp
github.com/onnx/onnx
github.com/onnx/onnx/commit/4755f8053928dce18a61db8fec71b69c74f786cb
github.com/onnx/onnx/security/advisories/GHSA-cmw6-hcpp-c6jp
nvd.nist.gov/vuln/detail/CVE-2026-34446

Code Behaviors & Features

Detect and mitigate CVE-2026-34446 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →