CVE-2026-10800
PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash
CVSS Score
3.6
EPSS Score
0.0%
EPSS Percentile
1th
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash_features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high complexity level is associated with this attack. The exploitation is known to be difficult. This patch is called 374945747652a8d32965591c0c01a00c88b7067f. Applying a patch is advised to resolve this issue.
| CWE | CWE-328 CWE-327 |
| Vendor | paddlepaddle |
| Product | fastdeploy |
| Published | Jun 4, 2026 |
| Last Updated | Jun 4, 2026 |
Stay Ahead of the Next One
Get instant alerts for paddlepaddle fastdeploy
Be the first to know when new low vulnerabilities affecting paddlepaddle fastdeploy are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
PaddlePaddle / FastDeploy
2.4.0 2.4.1
References
vuldb.com: https://vuldb.com/vuln/368249 vuldb.com: https://vuldb.com/vuln/368249/cti vuldb.com: https://vuldb.com/cve/CVE-2026-10800 vuldb.com: https://vuldb.com/submit/831452 github.com: https://github.com/PaddlePaddle/FastDeploy/issues/7196 github.com: https://github.com/PaddlePaddle/FastDeploy/pull/7185 github.com: https://github.com/PaddlePaddle/FastDeploy/commit/374945747652a8d32965591c0c01a00c88b7067f github.com: https://github.com/PaddlePaddle/FastDeploy/
Credits
๐ Dem0 (VulDB User)