CVE•Published 2026-06-05•Modified 2026-06-05•0 articles on news•5 live references•NVD data

CVE-2026-11329

Vulnerability data via NVD (ingested)

CVSS v3.1

3.6

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

EPSS percentile

—

Weaknesses (CWE)

CWE-327Use of a Broken or Risky Cryptographic Algorithm CWE-328Use of Weak Hash

Description

A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0. Affected by this issue is the function generate_hash_key of the file src/Runtime/python/torch_onnxmlir/src/torch_onnxmlir/backend.py of the component Placeholder Node Cache Handler. Such manipulation leads to use of weak hash. An attack has to be approached locally. A high complexity level is associated with this attack. The exploitation is known to be difficult. The name of the patch is 72c5187ff6d13c2c2b3d3789b8f5faf99f08a5b4. Applying a patch is advised to resolve this issue.

Timeline

Published 2026-06-05

Modified 2026-06-05

External references

NVD MITRE Exploit-DB Sploitus VulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts

vuln:CVE-2026-11329

Hosts Shodan has explicitly fingerprinted as vulnerable.

More intel sources (5)

Shodan report

vuln:CVE-2026-11329

Country / ASN / product breakdown for the vuln query.

Censys

vulnerabilities.cve_id: CVE-2026-11329

Censys host search filtered to this CVE id.

grep.app

CVE-2026-11329