Severity by source
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A flaw has been found in LMCache up to 0.4.6. This affects the function hex_hash_to_int16 of the file lmcache/integration/vllm/utils.py of the component KV Cache Handler. Executing a manipulation can lead to use of weak hash. The attack needs to be launched locally. The attack requires a high level of complexity. It is indicated that the exploitability is difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
Analysis (AI)
Weak hash truncation in LMCache up to 0.4.6 allows a local low-privilege attacker to induce KV cache collisions by exploiting the severely constrained 16-bit integer output of hex_hash_to_int16 in the vLLM integration's KV Cache Handler. The function masks multimodal content hash identifiers to at most 65,536 unique values, making engineered collisions feasible and causing incorrect cached KV entries to be served, affecting both cache integrity and availability. …
Vulnerability Assessment (AI)
| Exploitation | The attack requires local access to the host running LMCache (AV:L) and a low-privilege operating system account (PR:L) - remote exploitation is not possible. … |
| Risk Assessment | CVSS 3.1 scores this 3.6 (Low) with vector AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L, which accurately reflects the constrained attack surface: local access is mandatory, complexity is high (requires crafted colliding inputs), and a low-privilege account is needed. … |
| Exploit Scenario | A local attacker with a low-privilege account on a server running LMCache with vLLM multimodal inference analyzes the 16-bit truncation behavior of `hex_hash_to_int16` to identify or craft multimodal content identifiers whose hashes collide under the masking scheme. By submitting crafted multimodal inputs to the inference pipeline, the attacker causes LMCache to return incorrect cached KV entries for different content, corrupting inference output integrity or causing cache-related service disruption. … |
| Remediation | The upstream fix is available as GitHub pull request #2932 (https://github.com/LMCache/LMCache/pull/2932), which replaces `hex_hash_to_int16` with `hex_hash_to_int64` using a signed-int64-safe integer range and retains `hex_hash_to_int16` as a deprecated backward-compatible alias. … |
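
To size the exposure, the following added example (not LMCache or vuln.today code) compares how quickly distinct content identifiers share a key in a 65,536-value space versus a signed-int64-safe space. The `truncate` helper, the low-bit masks, the 63-bit width and the sample identifiers are assumptions made for illustration.

```python
import hashlib
import math

# Assumptions for illustration, not LMCache's code: the 16-bit form keeps the
# low 16 bits of the hex digest; the wide form keeps 63 bits (fits signed int64).
MASK16 = 0xFFFF
MASK63 = (1 << 63) - 1


def truncate(hex_hash: str, mask: int) -> int:
    """Parse a hex digest and keep only the bits selected by mask."""
    return int(hex_hash, 16) & mask


def collision_probability(n_items: int, space: int) -> float:
    """Birthday approximation: chance that n_items uniform ids are not all distinct."""
    return -math.expm1(-n_items * (n_items - 1) / (2.0 * space))


def items_for_probability(p: float, space: int) -> int:
    """Approximate item count at which the collision chance reaches p."""
    return math.ceil(math.sqrt(2.0 * space * math.log(1.0 / (1.0 - p))))


def count_collisions(n_items: int, mask: int) -> int:
    """Count constructed content ids whose truncated key is already taken."""
    seen = set()
    collisions = 0
    for i in range(n_items):
        # Constructed sample identifiers; real ids come from the serving stack.
        digest = hashlib.sha256(f"constructed-item-{i}".encode()).hexdigest()
        key = truncate(digest, mask)
        if key in seen:
            collisions += 1
        seen.add(key)
    return collisions


if __name__ == "__main__":
    for name, mask in (("16-bit", MASK16), ("63-bit", MASK63)):
        space = mask + 1
        print(name, "items for 50% collision chance:", items_for_probability(0.5, space))
        print(name, "colliding keys among 5000 items:", count_collisions(5000, mask))
```

With a 16-bit key space, a few hundred distinct multimodal items are enough for an even chance of two sharing a key, so wrong-entry cache hits are plausible under ordinary load as well as crafted input.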
EUVD-2026-34290
GHSA-3hh9-752g-5g22