Skip to main content

Ncnn

1 CVEs product

Monthly

CVE-2026-50144 HIGH PATCH This Week

Out-of-bounds heap write in Tencent's ncnn neural-network inference framework allows a crafted .param model file to corrupt heap memory when parsed by Net::load_param(). Because ParamDict::load_param() and load_param_bin() validated the parsed parameter id only against the upper bound (id >= NCNN_MAX_PARAM_COUNT), a negative id indexes before the params[] array, giving an attacker a write primitive below the allocated buffer. No public exploit is identified at time of analysis and the issue is not in CISA KEV; an upstream source-code fix is available.

Buffer Overflow Ncnn
NVD GitHub
CVSS 3.1
7.1
EPSS
0.1%
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Out-of-bounds heap write in Tencent's ncnn neural-network inference framework allows a crafted .param model file to corrupt heap memory when parsed by Net::load_param(). Because ParamDict::load_param() and load_param_bin() validated the parsed parameter id only against the upper bound (id >= NCNN_MAX_PARAM_COUNT), a negative id indexes before the params[] array, giving an attacker a write primitive below the allocated buffer. No public exploit is identified at time of analysis and the issue is not in CISA KEV; an upstream source-code fix is available.

Buffer Overflow Ncnn
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy