CVE-2026-10766 | mlrun up to 1.12.0-rc3 DataFrame Hash mlrun/utils/helpers.py mlrun.utils.helpers.calculate_dataframe_hash weak hash (Issue 9691)

A vulnerability was found in mlrun up to 1.12.0-rc3. It has been classified as problematic. This impacts the function mlrun.utils.helpers.calculate_dataframe_hash of the file mlrun/utils/helpers.py of the component DataFrame Hash Handler. The manipulation leads to use of weak hash.

This vulnerability is referenced as CVE-2026-10766. The attack can only be performed from a local environment. Furthermore, an exploit is available.

The pull request to fix this issue awaits acceptance.VulDB Recent EntriesRead More