PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-42440 Apache Software Foundation CVE debrief

CVE-2026-42440 is a high-severity vulnerability in Apache OpenNLP's AbstractModelReader in which an unbounded array allocation can be driven into an Out-of-Memory (OOM) denial of service. The vulnerability affects versions before 1.9.5, 2.5.9, and 3.0.0-M3. An attacker can craft a malicious .bin model file that triggers an OutOfMemoryError, causing the JVM to crash. The practical impact is a denial of service against any process that loads model files from untrusted or semi-trusted origins. To mitigate this vulnerability, users should upgrade to the fixed versions: 2.x users to 2.5.9 and 3.x users to 3.0.0-M3. Users who cannot upgrade immediately should treat all .bin model files as untrusted input unless their provenance is verified.

Vendor: Apache Software Foundation
Product: Apache OpenNLP
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-04
Original CVE updated: 2026-06-29
Advisory published: 2026-05-04
Advisory updated: 2026-06-29

Who should care

Organizations using Apache OpenNLP versions before 1.9.5, 2.5.9, or 3.0.0-M3 should prioritize patching this vulnerability. This includes developers and administrators who work with machine learning models, especially those loaded from untrusted or semi-trusted sources. Patching is crucial to prevent potential denial-of-service attacks that could impact service availability.

Technical summary

The vulnerability lies in the AbstractModelReader methods getOutcomes(), getOutcomePatterns(), and getPredicates(), which read a 32-bit signed integer count field from the binary model stream and pass it directly to an array allocation without validation. When the model file comes from an untrusted source, the attacker therefore controls that count fully. A crafted .bin model file whose count field is Integer.MAX_VALUE, or any value large enough to exhaust the available heap, triggers an OutOfMemoryError at the point of array allocation. Because the allocation happens early in deserialization, a file of only a few bytes is enough to trigger the error. Any code path that deserializes a .bin model is affected, including direct use of GenericModelReader and higher-level components that delegate to it during model load.

Defensive priority

High priority should be given to patching this vulnerability, especially in environments where model files are loaded from untrusted or semi-trusted sources. Immediate action is recommended for versions before 1.9.5, 2.5.9, and 3.0.0-M3.

Recommended defensive actions

  • Upgrade to version 2.5.9 for 2.x users.
  • Upgrade to version 3.0.0-M3 for 3.x users.
  • Treat all .bin model files as untrusted input unless their provenance is verified.
  • Avoid loading models supplied by end users or fetched from third-party repositories without integrity checks.
  • Consider setting the OPENNLP_MAX_ENTRIES system property to a desired positive integer for deployments that need to load models with more entries than the default.
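The following is an added example, not OpenNLP's own code, showing the unsafe read pattern described in the technical summary next to a bounded reader of the kind the recommended actions call for. The stream layout (a 32-bit count followed by that many UTF strings) is a simplified stand-in for a model table, not the real OpenNLP .bin format; the property name OPENNLP_MAX_ENTRIES is taken from the advisory above, but the way it is looked up here and the default cap of 100,000 are assumptions of this example.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;

/**
 * Illustrative model-table reader (example code, not OpenNLP). A table is encoded
 * as a signed 32-bit count followed by that many UTF strings; this mirrors the
 * shape of the outcome/predicate tables the advisory describes, nothing more.
 */
public final class BoundedModelReader {

    /** Assumed default cap on table entries; a deployment would tune this. */
    static final int DEFAULT_MAX_ENTRIES = 100_000;

    /** Vulnerable pattern: the untrusted count goes straight into an allocation. */
    static String[] readTableUnbounded(DataInputStream in) throws IOException {
        int count = in.readInt();
        String[] table = new String[count];   // Integer.MAX_VALUE here -> OutOfMemoryError
        for (int i = 0; i < count; i++) {
            table[i] = in.readUTF();
        }
        return table;
    }

    /**
     * Hardened pattern: validate the count before allocating anything.
     * remainingBytes is the number of bytes after the count field, or -1 if unknown.
     */
    static String[] readTableBounded(DataInputStream in, long remainingBytes, int maxEntries)
            throws IOException {
        int count = in.readInt();
        if (count < 0 || count > maxEntries) {
            throw new IOException("model table count " + count
                    + " outside allowed range [0, " + maxEntries + "]");
        }
        // Every UTF entry carries at least a 2-byte length prefix, so a count that
        // needs more bytes than the stream holds cannot be honest.
        if (remainingBytes >= 0 && (long) count * 2 > remainingBytes - 4) {
            throw new IOException("model table count " + count
                    + " cannot fit in " + (remainingBytes - 4) + " remaining bytes");
        }
        String[] table = new String[count];
        for (int i = 0; i < count; i++) {
            table[i] = in.readUTF();
        }
        return table;
    }

    /** Constructed sample: a well-formed table with the given entries. */
    static byte[] encodeTable(String... entries) throws IOException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(bytes);
        out.writeInt(entries.length);
        for (String e : entries) {
            out.writeUTF(e);
        }
        out.flush();
        return bytes.toByteArray();
    }

    /** Constructed sample: a bare count with no entries behind it (4 bytes). */
    static byte[] encodeCount(int count) throws IOException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(bytes);
        out.writeInt(count);
        out.flush();
        return bytes.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        // Assumed lookup: read the cap from -DOPENNLP_MAX_ENTRIES=<n>, else use the default.
        int maxEntries = Integer.getInteger("OPENNLP_MAX_ENTRIES", DEFAULT_MAX_ENTRIES);

        byte[] benign = encodeTable("yes", "no");
        String[] outcomes = readTableBounded(
                new DataInputStream(new ByteArrayInputStream(benign)), benign.length, maxEntries);
        System.out.println("benign model: " + outcomes.length + " outcomes");

        byte[] hostile = encodeCount(Integer.MAX_VALUE);
        try {
            readTableBounded(new DataInputStream(new ByteArrayInputStream(hostile)),
                    hostile.length, maxEntries);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        // readTableUnbounded on the same 4 bytes would attempt a 2^31-1 element
        // allocation and fail with OutOfMemoryError; it is deliberately not invoked.
    }
}
```

The two checks are independent: the entry cap bounds memory regardless of how the stream is delivered, and the length check (only applied when the caller knows the file size) rejects the tiny-file case the summary describes, where a few bytes claim to hold billions of entries.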

Evidence notes

The CVE-2026-42440 vulnerability was publicly disclosed on May 4, 2026, and modified on June 29, 2026. The vulnerability affects Apache OpenNLP versions before 1.9.5, 2.5.9, and 3.0.0-M3. The CVSS score is 7.5 with a HIGH severity. The vulnerability allows for a denial-of-service attack via OOM.

Official resources

This article is AI-assisted and based on the supplied source corpus.