CVE-2026-10800
Use of Weak Hash in PaddlePaddle FastDeploy
Publication date: 2026-06-04
Last updated on: 2026-06-04
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| paddlepaddle | fastdeploy | up to 2.4.1 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-328 | The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack). |
| CWE-327 | The product uses a broken or risky cryptographic algorithm or protocol. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided context and resources do not contain any information regarding the impact of CVE-2026-10800 on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
The vulnerability CVE-2026-10800 involves a hash collision risk in the MultimodalHasher.hash_features() function of PaddlePaddle FastDeploy. The function uses numpy.ndarray.tobytes() to compute SHA-256 hashes for multimodal cache keys, but this method only serializes the raw element bytes without including the array's shape or data type (dtype) metadata.
Because of this, arrays with different shapes (e.g., (6,4) vs (4,6)) or different dtypes (e.g., float32 vs uint8) but identical raw byte representations can produce the same hash value. This can cause silent cache collisions in components like ProcessorCacheManager, EncoderCacheManager, and PrefixCacheManager.
The fix involves prepending a header containing the array's shape and dtype to the byte payload before hashing, ensuring that these attributes influence the hash digest and prevent collisions.
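The collision described above, reproduced as an added illustration (this is not FastDeploy's own code): a hasher that digests only `ndarray.tobytes()` gives the same SHA-256 for a (6,4) float32 array, its (4,6) reshape and a uint8 view of the same bytes, while a hasher that prepends a dtype/shape header keeps them distinct. The header layout used here is an assumption, not the project's actual format; the sample arrays are constructed, and numpy is assumed to be installed.

```python
import hashlib
import numpy as np


def hash_features_weak(arr: np.ndarray) -> str:
    """Vulnerable pattern: only the raw element bytes are hashed.

    ndarray.tobytes() drops shape and dtype, so any two arrays with the
    same byte string collide regardless of their layout or element type.
    """
    return hashlib.sha256(arr.tobytes()).hexdigest()


def hash_features_fixed(arr: np.ndarray) -> str:
    """Hardened pattern: bind dtype and shape into the digest.

    A delimited header (assumed format, not FastDeploy's) is fed to the
    hash before the payload, so arrays that share raw bytes but differ in
    dtype or shape produce different digests.
    """
    header = f"{arr.dtype.str}|{arr.shape}|".encode("ascii")
    h = hashlib.sha256()
    h.update(header)
    h.update(arr.tobytes())
    return h.hexdigest()


def collides(a: np.ndarray, b: np.ndarray, hasher) -> bool:
    """True when the given hasher cannot tell the two arrays apart."""
    return hasher(a) == hasher(b)


# Constructed sample inputs: 24 float32 values = 96 bytes, viewed three ways.
base = np.arange(24, dtype=np.float32)
a_6x4 = base.reshape(6, 4)
a_4x6 = base.reshape(4, 6)
as_uint8 = base.view(np.uint8)  # shape (96,), dtype uint8, same bytes


if __name__ == "__main__":
    print("weak  (6,4) vs (4,6) collide:", collides(a_6x4, a_4x6, hash_features_weak))
    print("weak  float32 vs uint8 collide:", collides(a_6x4, as_uint8, hash_features_weak))
    print("fixed (6,4) vs (4,6) collide:", collides(a_6x4, a_4x6, hash_features_fixed))
    print("fixed float32 vs uint8 collide:", collides(a_6x4, as_uint8, hash_features_fixed))
```

Running the weak and fixed hashers side by side on arrays that share a byte string is also a quick way to confirm whether an installed hasher still has the defect.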
How can this vulnerability impact me?
This vulnerability can lead to silent cache collisions in the multimodal caching layers of PaddlePaddle FastDeploy, specifically in ProcessorCacheManager, EncoderCacheManager, and PrefixCacheManager.
Such collisions mean that different input arrays could be treated as identical due to identical hash values, potentially causing incorrect cache hits and leading to incorrect or unexpected behavior in model inference or processing.
However, the attack requires local access and has a high complexity level, making exploitation difficult. Additionally, current pipeline constraints reduce the likelihood of collisions in practice.
Applying the patch that includes shape and dtype metadata in the hash computation is advised to mitigate this risk.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a hash collision risk in the MultimodalHasher.hash_features() function of PaddlePaddle FastDeploy, which is a local code issue related to how numpy arrays are hashed. Detection would require inspecting the version of PaddlePaddle FastDeploy in use and verifying if the vulnerable function is present.
Since the vulnerability is in the hashing implementation of numpy arrays in the local environment and requires local access, network-based detection commands are not applicable.
To detect if your system is vulnerable, you can check the installed FastDeploy version and inspect the relevant file for the presence or absence of the patch.
- Check the installed FastDeploy version: `pip show fastdeploy` or check the version in your environment.
- Search for the presence of the patched commit (ID: 374945747652a8d32965591c0c01a00c88b7067f) in your local FastDeploy repository or installation.
- Manually inspect the file `fastdeploy/multimodal/hasher.py` for the presence of the fix that prepends the array shape and dtype to the byte payload before hashing.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to apply the patch that fixes the hash collision vulnerability in the MultimodalHasher.hash_features() function.
This patch prepends a header containing the array's shape and dtype to the byte payload before computing the SHA-256 hash, ensuring uniqueness and preventing collisions.
Immediate steps include:
- Update your PaddlePaddle FastDeploy installation to a version that includes the patch (post version 2.4.1 or apply the commit 374945747652a8d32965591c0c01a00c88b7067f).
- If you maintain a local copy of the FastDeploy source, merge or apply the patch from the commit fixing this issue.
- Invalidate or clear any existing multimodal cache that might have been created with the vulnerable hashing method to avoid silent collisions.
- Restrict local access to trusted users only, as exploitation requires local access and has high complexity.