A vulnerability was found in onnx up to 1.21.x. It has been rated as problematic. This vulnerability affects the function
convPoolShapeInference_opset19 of the file onnx/defs/nn/old.cc of the component onnxruntime. This manipulation causes out-of-bounds read.
The identification of this vulnerability is CVE-2026-14647. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.