Lucene search
K

169 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 12:8 a.m.5 views

CVE-2026-10804

A flaw was found in Streamlit, within its Palette Handler component. This vulnerability stems from the use of a weak hashing algorithm. A local attacker could exploit this flaw, though it requires a high level of technical complexity. Successful exploitation may lead to a low impact on the...

4.7CVSS5.8AI score0.00083EPSS
Exploits0References10
Snyk
Snyk
added 2026/06/06 9:0 p.m.12 views

Embedded Malicious Code

Overview mflux-streamlit is a Streamlit WebUI application for the mflux project. Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that h...

9.8CVSS5.7AI score
Exploits0References2
OSV
OSV
added 2026/06/06 6:13 a.m.13 views

MAL-2026-5301 Malicious code in mflux-streamlit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9924feddaacd4b86934ddc7bdf8ff498921a80b34bf99a9136baa592fcc504b6 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6.1AI score
Exploits0References7
vulnersOsv
vulnersOsv
added 2026/06/04 2:26 p.m.6 views

1cijferho (=0.1.0), 203-python-project-rc (>=0.2.0 <=0.2.2) +3240 more potentially affected by CVE-2026-10804 via streamlit (>=0.49.0 <=1.9.2)

streamlit PYPI version =0.49.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.7.1, =0.1.0, =0.0.1, =1.1.0, =2.0.0, =2.0.9 and more Source cves: CVE-2026-10804 Source advisory: SNYK:PYTHON-STREAMLIT-17176399...

4.7CVSS5.7AI score0.00083EPSS
Exploits0
Snyk
Snyk
added 2026/06/04 2:26 p.m.14 views

Use of Weak Hash

Overview streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Use of Weak Hash due to the use of a weak hash algorithm in the hashing.py process of the Palette Handler component. An attacker can compromise data integrity or cause unintend...

5.7CVSS6AI score0.00083EPSS
Exploits0References2
PyPA
PyPA
added 2026/06/04 12:16 p.m.10 views

PYSEC-2026-212

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

4.7CVSS4.5AI score0.00083EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/06/04 12:16 p.m.9 views

PYSEC-0000-CVE-2026-10804

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

4.7CVSS4.2AI score0.00083EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2026/06/04 12:16 p.m.15 views

CVE-2026-10804

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

4.7CVSS0.00083EPSS
Exploits0References7
OSV
OSV
added 2026/06/04 12:16 p.m.7 views

PYSEC-2026-212

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

4.7CVSS4AI score0.00083EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 p.m.12 views

CVE-2026-10804 Streamlit Palette hashing.py weak hash

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

3.6CVSS5AI score0.00083EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 p.m.7 views

CVE-2026-10804

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

3.6CVSS5AI score0.00083EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/04 12:0 p.m.24 views

EUVD-2026-34246

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

3.6CVSS5AI score0.00083EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/04 12:0 p.m.44 views

CVE-2026-10804 Streamlit Palette hashing.py weak hash

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

3.6CVSS0.00083EPSS
Exploits0References7
CVE
CVE
added 2026/06/04 12:0 p.m.25 views

CVE-2026-10804

CVE-2026-10804 affects Streamlit up to 1.53.0, targeting an unknown function in the Palette Handler’s hashing.py (lib/streamlit/runtime/caching/hashing.py). The issue allows use of a weak hash due to the described manipulation, with local access required and a high attack complexity. The exploita...

4.7CVSS5AI score0.00083EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

Streamlit 安全漏洞

Streamlit is an open-source data-oriented Python application development framework created by Streamlit. Versions of Streamlit 1.53.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of weak hashing algorithms in the lib/streamlit/runtime/caching/hashing.py...

4.7CVSS4.9AI score0.00083EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.26 views

PT-2026-46190

Name of the Vulnerable Software and Affected Versions Streamlit versions prior to 1.53.0 Description An issue exists in the Palette Handler component within the lib/streamlit/runtime/caching/hashing.py library. Manipulation of an unknown function in this library can lead to the use of a weak hash...

4.7CVSS4.7AI score0.00083EPSS
Exploits0References9
GithubExploit
GithubExploit
added 2026/04/13 11:53 a.m.130 views

Decepticon

⚡ Decepticon — Autonomous Multi-Agent Offensive Security !L...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/12 11:10 a.m.96 views

Webite-Security-Scanner

Webite-Security-Scanner A modular web...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.5 views

CVE-2026-29872

A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 2026-01-19. The affected Streamlit-based GitHub MCP Agent stores user-supplied API tokens in process-wide environment variables using os.environ without...

8.2CVSS5.9AI score0.00253EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/30 6:31 p.m.3 views

EUVD-2026-17141

A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 2026-01-19. The affected Streamlit-based GitHub MCP Agent stores user-supplied API tokens in process-wide environment variables using os.environ without...

8.2CVSS5.9AI score0.00253EPSS
Exploits1References2
Rows per page
Query Builder