Skip to main content

wandb CVE-2026-15605

LOW
Use of Weak Hash (CWE-328)
2026-07-13 VulDB
2.3
CVSS 4.0 · Vendor: VulDB

Severity by source

Vendor (VulDB) PRIMARY
2.3 LOW
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.2 MEDIUM

Network vector for remote artifact storage access; high complexity for MD5 collision; low privilege per authenticated wandb requirement; both confidentiality and integrity impacts apply given file substitution and hash exposure.

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
4.0 AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Source Code Evidence Fetched
Jul 13, 2026 - 23:17 vuln.today
Analysis Generated
Jul 13, 2026 - 23:17 vuln.today

DescriptionCVE.org

A security vulnerability has been detected in wandb 0.25.2.dev1. Affected is the function ArtifactManifestEntry.download in the library wandb/sdk/lib/hashutil.py of the component Artifact Integrity Validation. The manipulation leads to use of weak hash. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The pull request to fix this issue awaits acceptance.

AnalysisAI

Artifact Integrity Validation in wandb 0.25.2.dev1 uses MD5 (a cryptographically broken hash algorithm) within ArtifactManifestEntry.download in wandb/sdk/lib/hashutil.py, enabling a sufficiently resourced attacker with write access to artifact storage or a man-in-the-middle network position to substitute a malicious artifact file that shares the same MD5 digest as a legitimate one, bypassing download integrity checks. The CVSS 4.0 base score of 2.3 reflects high attack complexity and the requirement for authenticated access (PR:L), placing real-world exploitability firmly in the theoretical-to-low range. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Obtain low-privilege wandb credentials (PR:L)
Delivery
Identify target artifact in storage backend
Exploit
Compute MD5 collision for malicious payload (AC:H)
Install
Overwrite legitimate artifact file in storage
C2
Victim pipeline calls ArtifactManifestEntry.download()
Execute
Weak MD5 check passes on substituted file
Impact
Malicious artifact consumed as authentic

Vulnerability AssessmentAI

Exploitation Exploitation requires all of the following: (1) the target deployment uses wandb 0.25.2.dev1 or another version where ArtifactManifestEntry.download performs integrity validation using MD5 only, without the SHA-256 supplementary check from PR #12031; (2) the attacker has either write access to the artifact storage backend (e.g., object storage bucket) or a man-in-the-middle network position between the wandb client and storage service, per CVSS AV:N; (3) the attacker holds at minimum a low-privilege wandb account or credential sufficient to interact with the artifact system, per CVSS PR:L - unauthenticated exploitation is not supported by the available vector data; (4) the attacker can generate a valid MD5 collision for the target file, a computationally expensive operation per CVSS AC:H. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N) scores 2.3, reflecting two major exploitation barriers: high attack complexity (MD5 collision generation is computationally expensive and requires specialized tooling) and a requirement for low-privilege authenticated access. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with write access to a wandb artifact storage bucket identifies a target ML model artifact registered in a wandb project. Using offline MD5 chosen-prefix collision tooling, the attacker crafts a malicious model weights file that produces the same MD5 base64 digest as the legitimate artifact. …
Remediation The primary fix is available as an upstream pull request at https://github.com/wandb/wandb/pull/12031, which introduces SHA-256 integrity verification (sha256_file_b64) as a supplementary check alongside the existing MD5 digest in ArtifactManifestEntry. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-15605 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy