CVE-2026-10705 | dask up to 3.0 HLL hyperloglog.py nunique_approx resource consumption (Issue 12403)

A vulnerability classified as problematic has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption.

This vulnerability is tracked as CVE-2026-10705. The attack is possible to be carried out remotely. No exploit exists.

The pull request to fix this issue awaits acceptance.VulDB Recent EntriesRead More