PT-2026-60292 · Tencent · Ncnn
Published
2026-07-15
·
Updated
2026-07-15
·
CVE-2026-50144
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H |
ncnn is a high-performance neural network inference framework optimized for the mobile platform. In commit e54f7b1f88434e1d844ea0551b880a1cfb079ce1 and earlier, ncnn allows an out-of-bounds heap write in ncnn::ParamDict::load param() when Net::load param() loads a malicious .param model file because the parsed parameter id is checked only against id >= NCNN MAX PARAM COUNT, allowing a negative id to index before the params[NCNN MAX PARAM COUNT] array. This vulnerability is fixed by commit 5a0288f255daa6c3294f77109f67718e434ec020.
Fix
Memory Corruption
RCE
Improper Validation of Array Index
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ncnn