What is CVE-2026-10803?

CVE-2026-10803 is a low-severity vulnerability in Lfprojects Mlflow, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 3.6/10. Published 2026-06-04.

How severe is CVE-2026-10803?

Low severity. CVSS v3 base score is 3.6 out of 10.

Vulnerability in Lfprojects Mlflow

CVE-2026-10803

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is po…

Vulnerability class: POODLE (CVE-2014-3566)

CVSS v3 metric

CVSS v3 base score 3.6 (Low). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L.

Affected products

Lfprojects Mlflow
N/a Mlflow — versions 3.0, 3.1, 3.2

Weakness classification (CWE)

References

cna@vuldb.com (Product, product)
cna@vuldb.com (issue-tracking, Exploit, exploit, Mitigation, Issue Tracking)
cna@vuldb.com (issue-tracking, patch, Issue Tracking)
cna@vuldb.com (VDB Entry, Third Party Advisory, third-party-advisory)
cna@vuldb.com (VDB Entry, Third Party Advisory, third-party-advisory)
cna@vuldb.com (technical-description, VDB Entry, Third Party Advisory, vdb-entry)
cna@vuldb.com (signature, Permissions Required, permissions-required, VDB Entry)

Frequently asked questions

What is CVE-2026-10803?: CVE-2026-10803 is a low-severity vulnerability in Lfprojects Mlflow, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 3.6/10. Published 2026-06-04.
How severe is CVE-2026-10803?: Low severity. CVSS v3 base score is 3.6 out of 10.