CVE-2026-13482 | skypilot-org skypilot up to 0.12.0 User ID sky/users/server.py username.encode weak hash (Issue 9194)
A vulnerability was found in skypilot-org skypilot up to 0.12.0. It has been declared as problematic. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash.
This vulnerability was named CVE-2026-13482. The attack may be performed from remote. In addition, an exploit is available.
The vendor was contacted early about this disclosure.VulDB Recent EntriesRead More