PT-2026-60292 · Tencent · Ncnn

Published

2026-07-15

·

Updated

2026-07-15

·

CVE-2026-50144

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
ncnn is a high-performance neural network inference framework optimized for the mobile platform. In commit e54f7b1f88434e1d844ea0551b880a1cfb079ce1 and earlier, ncnn allows an out-of-bounds heap write in ncnn::ParamDict::load param() when Net::load param() loads a malicious .param model file because the parsed parameter id is checked only against id >= NCNN MAX PARAM COUNT, allowing a negative id to index before the params[NCNN MAX PARAM COUNT] array. This vulnerability is fixed by commit 5a0288f255daa6c3294f77109f67718e434ec020.

Fix

Memory Corruption

RCE

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-50144

Affected Products

Ncnn