Description
A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Affected is the function username.encode in the file sky/users/server.py of the component User ID Handler. The manipulation results in the use of a weak hash. The attack can be performed remotely, is characterized by high complexity, and is considered difficult to exploit. The exploit is now public and may be used. The vendor was contacted early about this disclosure.
Published: 2026-06-28
Score: 6.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the username.encode function within the User ID Handler of Skypilot. It uses a weak hashing algorithm (CWE-327 and CWE-328), which could allow an attacker to reconstruct or guess user credentials. The description indicates the flaw can be exploited remotely, though the attack carries high complexity and is considered difficult. Nonetheless, the exploit is publicly available, which raises the risk of unauthorized authentication or credential theft.

Affected Systems

All installations of skypilot-org Skypilot up to version 0.12.0 are affected. No fixed version is listed, so any deployment running these versions must be reviewed for remediation.

Risk and Exploitability

The CVSS score of 6.3 denotes medium severity. Note that 6.3 is the CVSS v4.0 score; the v3.0 and v3.1 vectors recorded on this page score 3.7 and the v2.0 vector 2.6, and every vector records no confidentiality impact and only a low integrity impact. EPSS is not available, and the vulnerability is not listed in the CISA KEV catalog. Despite the lack of a statistical exploit probability, the remote attack vector and the publicly available exploit suggest a non-negligible threat. Attackers would need to contend with the high complexity and difficulty noted in the description, yet the existence of a public exploit lowers the overall barrier for use.

Generated by OpenCVE AI on June 28, 2026 at 06:50 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade Skypilot to a version newer than 0.12.0 that implements a stronger hashing algorithm for user identifiers.
  • If an upgrade is not immediately possible, replace the weak hash within username.encode with a secure algorithm such as bcrypt or Argon2 to prevent credential reconstruction.
  • Deploy rate‑limiting and multi‑factor authentication on the login endpoints to reduce the effectiveness of brute‑force attempts.

Advisories

No advisories yet.

History

Sun, 28 Jun 2026 05:00:00 +0000 (initial entry: all values below were added, none removed)

  • Description: as shown at the top of this page.
  • Title: skypilot-org skypilot User ID server.py username.encode weak hash
  • First Time appeared: Skypilot-org; Skypilot-org skypilot
  • Weaknesses: CWE-327, CWE-328
  • CPEs: cpe:2.3:a:skypilot-org:skypilot:*:*:*:*:*:*:*:*
  • Vendors & Products: Skypilot-org; Skypilot-org skypilot
  • References: none listed
  • Metrics:
      cvssV2_0: {'score': 2.6, 'vector': 'AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}
      cvssV3_0: {'score': 3.7, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}
      cvssV3_1: {'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}
      cvssV4_0: {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-28T04:30:10.004Z

Reserved: 2026-06-27T13:54:12.298Z

Link: CVE-2026-13482

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-28T07:00:14Z

Weaknesses

  • CWE-327: Use of a Broken or Risky Cryptographic Algorithm
  • CWE-328: Use of Weak Hash