Description
A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template._save_pil_image of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A high degree of complexity is needed for the attack. It is indicated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.
Published: 2026-06-04
Score: 2 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability lies in the Template._save_pil_image function of ms-swift's PIL Image Cache Key Handler. This component uses a weak hash algorithm to generate cache keys for images. A cryptographically weak hash can produce collisions, where distinct images map to the same key. If an attacker can supply two images that map to the same key, the cache might serve the wrong image, compromising data integrity or allowing denial of service by evicting cache entries. The weakness is classified as CWE-327 and CWE-328, indicating insufficient algorithm strength.

Affected Systems

All deployments of the modelscope ms-swift package at version 4.2.0 or earlier are affected. The CVE explicitly covers versions up to and including 4.2.0. This includes any environment that has not yet applied the pending fix in the 4.2.1 release.

Risk and Exploitability

Risk: The CVSS base score is 2.0, reflecting limited impact. EPSS is unavailable but the exploitability is described as difficult with a high attack complexity. The vulnerability is only exploitable locally, so it requires the attacker to have local code execution or file write access in the environment where ms-swift runs. The vulnerability is not listed in CISA’s KEV catalog. Therefore the overall threat is low to moderate, but local administrators should still assess whether local attack vectors are possible in their setup.

Generated by OpenCVE AI on June 4, 2026 at 12:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the patched version of ms-swift (4.2.1 or later) once the pull request lands, which replaces the weak hash with a secure implementation.
  • If an update cannot be applied immediately, disable image caching or configure the component to use an externally managed cache that avoids the weak hash algorithm.
  • Monitor cache integrity logs for unexpected cache key collisions or mismatched image contents and conduct regular code reviews to ensure cryptographic hash functions remain strong.


Advisories

No advisories yet.

History

Thu, 04 Jun 2026 12:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Modelscope ms Swift |
| Vendors & Products | | Modelscope ms Swift |

Thu, 04 Jun 2026 11:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template._save_pil_image of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A high degree of complexity is needed for the attack. It is indicated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance. |
| Title | | modelscope ms-swift PIL Image Cache Key base.py Template._save_pil_image weak hash |
| First Time appeared | | Modelscope; Modelscope ms-swift |
| Weaknesses | | CWE-327; CWE-328 |
| CPEs | | `cpe:2.3:a:modelscope:ms-swift:*:*:*:*:*:*:*:*` |
| Vendors & Products | | Modelscope; Modelscope ms-swift |
| References | | |
| Metrics: cvssV2_0 | | `{'score': 2.4, 'vector': 'AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR'}` |
| Metrics: cvssV3_0 | | `{'score': 3.6, 'vector': 'CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R'}` |
| Metrics: cvssV3_1 | | `{'score': 3.6, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R'}` |
| Metrics: cvssV4_0 | | `{'score': 2, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}` |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-04T11:00:13.074Z

Reserved: 2026-06-04T04:59:37.871Z

Link: CVE-2026-10801

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-06-04T11:16:25.800

Modified: 2026-06-04T11:16:25.800

Link: CVE-2026-10801

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-04T12:30:13Z

Weaknesses