CVE-2026-15605
Gravedad CVSS v4.0:
BAJA
Tipo:
CWE-327
Uso de algoritmo criptográfico vulnerable o inseguro
Fecha de publicación:
13/07/2026
Última modificación:
13/07/2026
Descripción
*** Pendiente de traducción *** A security vulnerability has been detected in wandb 0.25.2.dev1. Affected is the function ArtifactManifestEntry.download in the library wandb/sdk/lib/hashutil.py of the component Artifact Integrity Validation. The manipulation leads to use of weak hash. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The pull request to fix this issue awaits acceptance.
Impacto
Puntuación base 4.0
2.30
Gravedad 4.0
BAJA
Puntuación base 3.x
3.10
Gravedad 3.x
BAJA
Puntuación base 2.0
2.10
Gravedad 2.0
BAJA



