{"api_version":"1","generated_at":"2026-06-05T07:39:49+00:00","cve":"CVE-2026-10803","urls":{"html":"https://cve.report/CVE-2026-10803","api":"https://cve.report/api/cve/CVE-2026-10803.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-10803","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-10803"},"summary":{"title":"MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash","description":"A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit has been published and may be used. The project was informed of the problem early through a pull request but has not reacted yet.","state":"PUBLISHED","assigner":"VulDB","published_at":"2026-06-04 12:16:24","updated_at":"2026-06-04 18:24:41"},"problem_types":["CWE-327","CWE-328","CWE-328 Use of Weak Hash","CWE-327 Risky Cryptographic Algorithm"],"metrics":[{"version":"4.0","source":"cna@vuldb.com","type":"Secondary","score":"1.1","severity":"LOW","vector":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","data":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.1,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}},{"version":"4.0","source":"CNA","type":"DECLARED","score":"2","severity":"LOW","vector":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","data":{"baseScore":2,"baseSeverity":"LOW","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","version":"4.0"}},{"version":"3.1","source":"cna@vuldb.com","type":"Secondary","score":"3.6","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":3.6,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"3.6","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R","data":{"baseScore":3.6,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R","version":"3.1"}},{"version":"3.0","source":"CNA","type":"DECLARED","score":"3.6","severity":"LOW","vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R","data":{"baseScore":3.6,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R","version":"3.0"}},{"version":"2.0","source":"cna@vuldb.com","type":"Secondary","score":"2.4","severity":"","vector":"AV:L/AC:H/Au:S/C:N/I:P/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:H/Au:S/C:N/I:P/A:P","baseScore":2.4,"accessVector":"LOCAL","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}},{"version":"2.0","source":"CNA","type":"DECLARED","score":"2.4","severity":"","vector":"AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR","data":{"baseScore":2.4,"vectorString":"AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR","version":"2.0"}}],"references":[{"url":"https://vuldb.com/vuln/368252","name":"https://vuldb.com/vuln/368252","refsource":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://vuldb.com/cve/CVE-2026-10803","name":"https://vuldb.com/cve/CVE-2026-10803","refsource":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/mlflow/mlflow/","name":"https://github.com/mlflow/mlflow/","refsource":"cna@vuldb.com","tags":["Product"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/mlflow/mlflow/pull/22420","name":"https://github.com/mlflow/mlflow/pull/22420","refsource":"cna@vuldb.com","tags":["Issue Tracking"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/mlflow/mlflow/issues/22419","name":"https://github.com/mlflow/mlflow/issues/22419","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Mitigation"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://vuldb.com/submit/831462","name":"https://vuldb.com/submit/831462","refsource":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://vuldb.com/vuln/368252/cti","name":"https://vuldb.com/vuln/368252/cti","refsource":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-10803","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-10803","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.0","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.1","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.2","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.3","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.4","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.5","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.6","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.7","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.8","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.9","platforms":[]},{"source":"CNA","vendor":"n/a","product":"MLflow","version":"affected 3.10.0","platforms":[]}],"timeline":[{"source":"CNA","time":"2026-06-04T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"source":"CNA","time":"2026-06-04T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"source":"CNA","time":"2026-06-04T07:12:15.000Z","lang":"en","value":"VulDB entry last update"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Dem0 (VulDB User)","lang":"en"},{"source":"CNA","value":"VulDB CNA Team","lang":"en"}],"nvd_cpes":[{"cve_year":"2026","cve_id":"10803","vulnerable":"1","versionEndIncluding":"3.10.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"lfprojects","cpe5":"mlflow","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-10803","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-06-04T12:55:46.959879Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-06-04T12:55:59.415Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"references":[{"tags":["exploit"],"url":"https://github.com/mlflow/mlflow/issues/22419"}],"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"cpes":["cpe:2.3:a:mlflow:mlflow:*:*:*:*:*:*:*:*"],"modules":["Dataset Digest Computation"],"product":"MLflow","vendor":"n/a","versions":[{"status":"affected","version":"3.0"},{"status":"affected","version":"3.1"},{"status":"affected","version":"3.2"},{"status":"affected","version":"3.3"},{"status":"affected","version":"3.4"},{"status":"affected","version":"3.5"},{"status":"affected","version":"3.6"},{"status":"affected","version":"3.7"},{"status":"affected","version":"3.8"},{"status":"affected","version":"3.9"},{"status":"affected","version":"3.10.0"}]}],"credits":[{"lang":"en","type":"reporter","value":"Dem0 (VulDB User)"},{"lang":"en","type":"coordinator","value":"VulDB CNA Team"}],"descriptions":[{"lang":"en","value":"A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit has been published and may be used. The project was informed of the problem early through a pull request but has not reacted yet."}],"metrics":[{"cvssV4_0":{"baseScore":2,"baseSeverity":"LOW","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","version":"4.0"}},{"cvssV3_1":{"baseScore":3.6,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R","version":"3.1"}},{"cvssV3_0":{"baseScore":3.6,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R","version":"3.0"}},{"cvssV2_0":{"baseScore":2.4,"vectorString":"AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR","version":"2.0"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-328","description":"Use of Weak Hash","lang":"en","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-327","description":"Risky Cryptographic Algorithm","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-04T11:45:10.363Z","orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB"},"references":[{"name":"VDB-368252 | MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash","tags":["vdb-entry","technical-description"],"url":"https://vuldb.com/vuln/368252"},{"name":"VDB-368252 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"],"url":"https://vuldb.com/vuln/368252/cti"},{"name":"CVE-2026-10803 | CVE Analysis and Report","tags":["third-party-advisory"],"url":"https://vuldb.com/cve/CVE-2026-10803"},{"name":"Submit #831462 | mlflow 3.10.0 Digest Collision","tags":["third-party-advisory"],"url":"https://vuldb.com/submit/831462"},{"tags":["exploit","issue-tracking"],"url":"https://github.com/mlflow/mlflow/issues/22419"},{"tags":["issue-tracking","patch"],"url":"https://github.com/mlflow/mlflow/pull/22420"},{"tags":["product"],"url":"https://github.com/mlflow/mlflow/"}],"timeline":[{"lang":"en","time":"2026-06-04T00:00:00.000Z","value":"Advisory disclosed"},{"lang":"en","time":"2026-06-04T02:00:00.000Z","value":"VulDB entry created"},{"lang":"en","time":"2026-06-04T07:12:15.000Z","value":"VulDB entry last update"}],"title":"MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash"}},"cveMetadata":{"assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","assignerShortName":"VulDB","cveId":"CVE-2026-10803","datePublished":"2026-06-04T11:45:10.363Z","dateReserved":"2026-06-04T05:06:53.422Z","dateUpdated":"2026-06-04T12:55:59.415Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-04 12:16:24","lastModifiedDate":"2026-06-04 18:24:41","problem_types":["CWE-327","CWE-328","CWE-328 Use of Weak Hash","CWE-327 Risky Cryptographic Algorithm"],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.1,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":3.6,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1,"impactScore":2.5}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:H/Au:S/C:N/I:P/A:P","baseScore":2.4,"accessVector":"LOCAL","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":1.5,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*","versionEndIncluding":"3.10.0","matchCriteriaId":"BB66340A-C948-419D-BAC2-C5057F4C57D8"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"10803","Ordinal":"1","Title":"MLflow Dataset Digest Computation digest_utils.py mlflow.data.di","CVE":"CVE-2026-10803","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"10803","Ordinal":"1","NoteData":"A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit has been published and may be used. The project was informed of the problem early through a pull request but has not reacted yet.","Type":"Description","Title":"MLflow Dataset Digest Computation digest_utils.py mlflow.data.di"}]}}}