Skip to main content

MyScaleDB EUVDEUVD-2026-40010

| CVE-2026-13513 LOW
Insufficient Verification of Data Authenticity (CWE-345)
2026-06-29 cna@vuldb.com GHSA-q6r3-vph9-qrqg
1.3
CVSS 4.0 · Vendor: vuldb

Severity by source

Vendor (vuldb) PRIMARY
1.3 LOW
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.2 MEDIUM

Requires authenticated network access and a vector-indexed table (AC:H/PR:L); impact is limited to stale search result integrity and limited data disclosure with no availability consequence.

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
4.0 AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (vuldb).

CVSS VectorVendor: vuldb

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 29, 2026 - 00:31 vuln.today
Analysis Generated
Jun 29, 2026 - 00:31 vuln.today

DescriptionCVE.org

A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0. This vulnerability affects the function SegmentId::getCacheKey in the library src/VectorIndex/Common/SegmentId.h. The manipulation results in insufficient verification of data authenticity. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance.

AnalysisAI

Insufficient data authenticity verification in MyScaleDB's vector index cache key function allows authenticated remote users to obtain stale or inconsistent vector search results following mutation operations on indexed columns. Versions through 1.8.0 are affected. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to MyScaleDB with low-privilege credentials
Delivery
Identify MergeTree table with vector index on target column
Exploit
Issue ALTER TABLE UPDATE mutation on the indexed column
Execution
MutateTask skips vector index rebuild due to missing authenticity check
Persist
Query vector similarity search against stale index
Impact
Receive results inconsistent with current data state

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid database session with at least low-privilege access (PR:L per the CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 1.3 accurately reflects a low-priority issue for most organizations: AC:H indicates exploitation requires specific database state (a table with a vector index on the mutated column), PR:L confirms an authenticated session is mandatory, and the CIA impacts are all low with no scope change. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated database user with low-level privileges identifies a MergeTree table with a vector index defined on a floating-point column. The user issues an ALTER TABLE UPDATE statement modifying values in that indexed column. …
Remediation No vendor-released patched version is available at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-40010 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy