GHSA-3hh9-752g-5g22LowCVSS 3.6
A flaw has been found in LMCache up to 0.4.6. This affects the function hex_hash_to_int16 of the...
🔗 CVE IDs covered (1)
📋 Description
A flaw has been found in LMCache up to 0.4.6. This affects the function hex_hash_to_int16 of the file lmcache/integration/vllm/utils.py of the component KV Cache Handler. Executing a manipulation can lead to use of weak hash. The attack needs to be launched locally. The attack requires a high level of complexity. It is indicated that the exploitability is difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
🔗 References (9)
- https://nvd.nist.gov/vuln/detail/CVE-2026-10813
- https://github.com/LMCache/LMCache/issues/3301
- https://github.com/LMCache/LMCache/pull/2932
- https://github.com/LMCache/LMCache
- https://vuldb.com/cve/CVE-2026-10813
- https://vuldb.com/submit/831641
- https://vuldb.com/vuln/368261
- https://vuldb.com/vuln/368261/cti
- https://github.com/advisories/GHSA-3hh9-752g-5g22