169 matches found
CVE-2026-10804
A flaw was found in Streamlit, within its Palette Handler component. This vulnerability stems from the use of a weak hashing algorithm. A local attacker could exploit this flaw, though it requires a high level of technical complexity. Successful exploitation may lead to a low impact on the...
Embedded Malicious Code
Overview mflux-streamlit is a Streamlit WebUI application for the mflux project. Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that h...
MAL-2026-5301 Malicious code in mflux-streamlit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9924feddaacd4b86934ddc7bdf8ff498921a80b34bf99a9136baa592fcc504b6 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...
1cijferho (=0.1.0), 203-python-project-rc (>=0.2.0 <=0.2.2) +3240 more potentially affected by CVE-2026-10804 via streamlit (>=0.49.0 <=1.9.2)
streamlit PYPI version =0.49.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.7.1, =0.1.0, =0.0.1, =1.1.0, =2.0.0, =2.0.9 and more Source cves: CVE-2026-10804 Source advisory: SNYK:PYTHON-STREAMLIT-17176399...
Use of Weak Hash
Overview streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Use of Weak Hash due to the use of a weak hash algorithm in the hashing.py process of the Palette Handler component. An attacker can compromise data integrity or cause unintend...
PYSEC-2026-212
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
PYSEC-0000-CVE-2026-10804
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
CVE-2026-10804
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
PYSEC-2026-212
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
CVE-2026-10804 Streamlit Palette hashing.py weak hash
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
CVE-2026-10804
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
EUVD-2026-34246
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
CVE-2026-10804 Streamlit Palette hashing.py weak hash
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
CVE-2026-10804
CVE-2026-10804 affects Streamlit up to 1.53.0, targeting an unknown function in the Palette Handler’s hashing.py (lib/streamlit/runtime/caching/hashing.py). The issue allows use of a weak hash due to the described manipulation, with local access required and a high attack complexity. The exploita...
Streamlit 安全漏洞
Streamlit is an open-source data-oriented Python application development framework created by Streamlit. Versions of Streamlit 1.53.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of weak hashing algorithms in the lib/streamlit/runtime/caching/hashing.py...
PT-2026-46190
Name of the Vulnerable Software and Affected Versions Streamlit versions prior to 1.53.0 Description An issue exists in the Palette Handler component within the lib/streamlit/runtime/caching/hashing.py library. Manipulation of an unknown function in this library can lead to the use of a weak hash...
Decepticon
⚡ Decepticon — Autonomous Multi-Agent Offensive Security !L...
Webite-Security-Scanner
Webite-Security-Scanner A modular web...
CVE-2026-29872
A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 2026-01-19. The affected Streamlit-based GitHub MCP Agent stores user-supplied API tokens in process-wide environment variables using os.environ without...
EUVD-2026-17141
A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 2026-01-19. The affected Streamlit-based GitHub MCP Agent stores user-supplied API tokens in process-wide environment variables using os.environ without...