Security News

Cybersecurity news aggregator

🔓
HIGH Vulnerabilities Microsoft Security Response Center

CVE-2025-51480 Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.

cve-2025-51480onnxpath-traversalmitre-ta0001mitre-t1190
CVE-2025-51480 (CVSS 8.8 HIGH) is a path traversal vulnerability in the `onnx.external_data_helper.save_external_data` function of ONNX version 1.17.0, allowing attackers to overwrite arbitrary files by supplying crafted `external_data.location` paths containing traversal sequences that bypass directory restrictions.
Read Full Article →

We use optional cookies to improve your experience on our websites, such as through social media connections, and to display personalized advertising based on your online activity. If you reject optional cookies, only cookies necessary to provide you the services will be used. You may change your selection by clicking “Manage Cookies” at the bottom of the page. Privacy Statement Third-Party Cookies AcceptRejectManage cookies MSRC  Customer Guidance  Security Update Guide  Vulnerabilities  CVE-2025-51480 Your Privacy Choices Consumer Health Privacy

Related Articles

MEDIUM CVE-2026-34445 ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings. Microsoft Security Response Center HIGH USN-8307-1: ONNX vulnerability Ubuntu Security CRITICAL CVE-2025-59099: The Access Manager is using the open source web server CompactWebServer written in C#. This web serv... NIST NVD CRITICAL U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog Web Discovery
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn