CVE-2026-10766

A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculatedataframehash of the file mlrun/utils/helpers.py of the component DataFrame Hash Handler. The manipulation leads to use of weak hash. The attack can only be performed from a local...

CVE-2026-10766 mlrun DataFrame Hash helpers.py mlrun.utils.helpers.calculate_dataframe_hash weak hash

A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculatedataframehash of the file mlrun/utils/helpers.py of the component DataFrame Hash Handler. The manipulation leads to use of weak hash. The attack can only be performed from a local...

CVE-2026-10766

The vulnerability CVE-2026-10766 affects mlrun up to 1.12.0-rc3, specifically the function mlrun.utils.helpers.calculate_dataframe_hash in DataFrame Hash Handler. The issue arises from a manipulation that leads to the use of a weak hash. Exploitation is possible only from a local environment, wit...

CVE-2026-10766

A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculatedataframehash of the file mlrun/utils/helpers.py of the component DataFrame Hash Handler. The manipulation leads to use of weak hash. The attack can only be performed from a local...

EUVD-2026-34177

A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculatedataframehash of the file mlrun/utils/helpers.py of the component DataFrame Hash Handler. The manipulation leads to use of weak hash. The attack can only be performed from a local...

PT-2026-46056

A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculate dataframe hash of the file mlrun/utils/helpers.py of the component DataFrame Hash Handler. The manipulation leads to use of weak hash. The attack can only be performed from a local...

Deserialization of Untrusted Data

Overview mlrun is a Tracking and config of machine learning runs Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the importfunctiontodict function in the run.py file. Details Serialization is a process of converting an object into a sequence of bytes whic...

qgate-sln-mlrun (>=0.1.0 <=0.2.8) potentially affected by unknown CVE via mlrun (>=1.5.2 <=1.6.4)

mlrun PYPI version =1.5.2, =0.1.0, =0.2.8 Source cves: unknown CVE Source advisory: SNYK:PYTHON-MLRUN-9296273...

Directory Traversal

Overview mlrun is a Tracking and config of machine learning runs Affected versions of this package are vulnerable to Directory Traversal in the getlogsizelegacy function in api/crud/logs.py. This allows attackers to access locations on the filesystem outside the project directory. Details A...

MLRun Detection

A MLRun Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid208131; scriptversion"1.6";...