Lucene search
+L

7 matches found

NVD
NVD
added 2026/06/28 5:16 a.m.15 views

CVE-2026-13482

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

6.3CVSS0.00189EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/28 4:30 a.m.38 views

CVE-2026-13482 skypilot-org skypilot User ID server.py username.encode weak hash

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

6.3CVSS0.00189EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/28 4:30 a.m.11 views

EUVD-2026-39982

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

6.3CVSS5.2AI score0.00189EPSS
Exploits0References6
OSV
OSV
added 2026/06/28 4:30 a.m.4 views

CVE-2026-13482 skypilot-org skypilot User ID server.py username.encode weak hash

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

6.3CVSS5.3AI score0.00189EPSS
Exploits0References8
CVE
CVE
added 2026/06/28 4:30 a.m.24 views

CVE-2026-13482

CVE-2026-13482 affects skypilot-org/skypilot

6.3CVSS5.2AI score0.00189EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2026/01/01 6:46 a.m.3 views

airflow-provider-skypilot (=0.1.3), inferiallm (>=1.0.2 <=1.0.5) potentially affected by unknown CVE via skypilot (>=0.10.3 <=0.10.3.post2)

skypilot PYPI version =0.10.3, =1.0.2, =1.0.5 Source cves: unknown CVE Source advisory: SNYK:PYTHON-SKYPILOT-14860868...

5.8AI score
Exploits0
Snyk
Snyk
added 2025/03/01 6:40 a.m.2 views

Cleartext Transmission of Sensitive Information

Overview skypilot is a SkyPilot: Run AI on Any Infra — Unified, Faster, Cheaper. Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information by transmitting traffic over plain HTTP sensitive API requests are exposed to interception and man-in-the-middle...

8.2CVSS6.8AI score
Exploits0References3
Rows per page
Query Builder