197 matches found
CVE-2026-10801
A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template.savepilimage of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A hig...
CVE-2026-30246
A flaw was found in github.com/gofiber/fiber/v3. The default key generator in the cache middleware incorrectly uses only the request path, omitting the query string. This allows requests for the same path but with different query parameters to share a cache key, leading to incorrect cached...
EUVD-2026-34187
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function saveaudiotocache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high...
PYSEC-2026-211
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function saveaudiotocache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high...
Use of Weak Hash
Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Use of Weak Hash via the saveaudiotocache function of the Audio Cache Key Handler component. Different audio outputs with identical samples therefore...
GPTCache 安全漏洞
GPTCache is a library open-sourced by Zilliz for creating semantic caching for large model queries. Versions of GPTCache 0.1.44 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of a weak hash function in the BufferedReader.peek function of the Cache Key Handle...
PT-2026-46180
A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template. save pil image of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A...
Gradio 安全漏洞
Gradio is an open-source Python library developed by Google. It provides a user-friendly web interface for demonstrating machine learning models. Version 6.14.0 of Gradio contains a security vulnerability. This vulnerability stems from the use of a weak hash function in the saveaudiotocache...
CVE-2026-10783
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function saveaudiotocache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high...
Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by a vulnerability in Next.js (CVE-2025-57752 and CVE-2025-55173)
Summary The vulnerabilities CVE-2025-57752 Cache Key Confusion / Cache Deception and CVE-2025-55173 Content Injection / Arbitrary File Delivery in the Next.js framework have been completely resolved by upgrading the dependency from version 14.2.26 to 15.5.15. Vulnerability Details...
BIT-JOOMLA-2026-48901 Joomla! Core - [20260517] - Incorrect Cache Key Construction for InputFilter objects
The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...
CVE-2026-48901
The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...
CVE-2026-48901
The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...
CVE-2026-48901 Joomla! Core - [20260517] - Incorrect Cache Key Construction for InputFilter objects
The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...
CVE-2026-48901
The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...
EUVD-2026-31871
The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...
CVE-2026-48901
The CVE-2026-48901 entry concerns Joomla! Core: the InputFilter::getInstance() method omits a security‑sensitive parameter from the instance cache key, enabling an issue in cache key construction. Affected component is the InputFilter object (core). The published metrics indicate a high impact on...
CVE-2026-48901 Joomla! Core - [20260517] - Incorrect Cache Key Construction for InputFilter objects
The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...
PT-2026-43319
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The getInstance function within the InputFilter class fails to include a security-sensitive parameter when generating the instance cache key. Recommendations At...
Joomla! CMS 安全漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. There is a security vulnerability in Joomla! CMS, which stems from the InputFilter::getInstance method omitting secure-sensitive parameters from the instance cache key...