CVE-2026-10803 | MLflow up to 3.10.0 Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash (Issue 22419)

A vulnerability identified as problematic has been detected in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash.

This vulnerability is handled as CVE-2026-10803. It is possible to launch the attack on the local host. Additionally, an exploit exists.

The project was informed of the problem early through a pull request but has not reacted yet.VulDB Recent EntriesRead More