CVE-2026-10800
Deferred Deferred - Pending Action
Use of Weak Hash in PaddlePaddle FastDeploy

Publication date: 2026-06-04

Last updated on: 2026-06-04

Assigner: VulDB

Description
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash_features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high complexity level is associated with this attack. The exploitation is known to be difficult. This patch is called 374945747652a8d32965591c0c01a00c88b7067f. Applying a patch is advised to resolve this issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-04
Last Modified
2026-06-04
Generated
2026-06-24
AI Q&A
2026-06-04
EPSS Evaluated
2026-06-23
NVD
CVE-2026-10800
EUVD
EUVD-2026-34239
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
paddlepaddle fastdeploy to 2.4.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-328 The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided context and resources do not contain any information regarding the impact of CVE-2026-10800 on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

The vulnerability CVE-2026-10800 involves a hash collision risk in the MultimodalHasher.hash_features() function of PaddlePaddle FastDeploy. The function uses numpy.ndarray.tobytes() to compute SHA-256 hashes for multimodal cache keys, but this method only serializes the raw element bytes without including the array's shape or data type (dtype) metadata.

Because of this, arrays with different shapes (e.g., (6,4) vs (4,6)) or different dtypes (e.g., float32 vs uint8) but identical raw byte representations can produce the same hash value. This can cause silent cache collisions in components like ProcessorCacheManager, EncoderCacheManager, and PrefixCacheManager.

The fix involves prepending a header containing the array's shape and dtype to the byte payload before hashing, ensuring that these attributes influence the hash digest and prevent collisions.

Impact Analysis

This vulnerability can lead to silent cache collisions in the multimodal caching layers of PaddlePaddle FastDeploy, specifically in ProcessorCacheManager, EncoderCacheManager, and PrefixCacheManager.

Such collisions mean that different input arrays could be treated as identical due to identical hash values, potentially causing incorrect cache hits and leading to incorrect or unexpected behavior in model inference or processing.

However, the attack requires local access and has a high complexity level, making exploitation difficult. Additionally, current pipeline constraints reduce the likelihood of collisions in practice.

Applying the patch that includes shape and dtype metadata in the hash computation is advised to mitigate this risk.

Detection Guidance

This vulnerability involves a hash collision risk in the MultimodalHasher.hash_features() function of PaddlePaddle FastDeploy, which is a local code issue related to how numpy arrays are hashed. Detection would require inspecting the version of PaddlePaddle FastDeploy in use and verifying if the vulnerable function is present.

Since the vulnerability is in the hashing implementation of numpy arrays in the local environment and requires local access, network-based detection commands are not applicable.

To detect if your system is vulnerable, you can check the installed FastDeploy version and inspect the relevant file for the presence or absence of the patch.

  • Check the installed FastDeploy version: `pip show fastdeploy` or check the version in your environment.
  • Search for the presence of the patched commit (ID: 374945747652a8d32965591c0c01a00c88b7067f) in your local FastDeploy repository or installation.
  • Manually inspect the file `fastdeploy/multimodal/hasher.py` for the presence of the fix that prepends the array shape and dtype to the byte payload before hashing.
Mitigation Strategies

The primary mitigation step is to apply the patch that fixes the hash collision vulnerability in the MultimodalHasher.hash_features() function.

This patch prepends a header containing the array's shape and dtype to the byte payload before computing the SHA-256 hash, ensuring uniqueness and preventing collisions.

Immediate steps include:

  • Update your PaddlePaddle FastDeploy installation to a version that includes the patch (post version 2.4.1 or apply the commit 374945747652a8d32965591c0c01a00c88b7067f).
  • If you maintain a local copy of the FastDeploy source, merge or apply the patch from the commit fixing this issue.
  • Invalidate or clear any existing multimodal cache that might have been created with the vulnerable hashing method to avoid silent collisions.
  • Restrict local access to trusted users only, as exploitation requires local access and has high complexity.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-10800. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart