VYPR
Low severity · 3.6 · NVD Advisory · Published Jun 4, 2026

CVE-2026-10800

Description

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. It affects the function hash_features in the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Manipulation of the input can lead to use of a weak hash. The attack requires local access. The attack has a high complexity level, and exploitation is known to be difficult. The patch is identified as 374945747652a8d32965591c0c01a00c88b7067f. Applying the patch is advised to resolve this issue.

Affected products

2

Patches

1
374945747652

[BugFix] fix multimodal hasher hash collision risk when ndarray shape or dtype differs (#7185)

2 files changed · +20 -2
  • fastdeploy/multimodal/hasher.py · +5 -1 · modified
    @@ -25,5 +25,9 @@ class MultimodalHasher:
         @classmethod
         def hash_features(cls, obj: object) -> str:
             if isinstance(obj, np.ndarray):
    -            return hashlib.sha256((obj.tobytes())).hexdigest()
    +            # Encode shape and dtype into the hash to avoid collisions between
    +            # arrays that share the same raw bytes but differ in layout, e.g.
    +            # a (6,4) vs (4,6) array, or float32 vs uint8 reinterpretation.
    +            header = f"{obj.shape}|{obj.dtype}|".encode()
    +            return hashlib.sha256(header + obj.tobytes()).hexdigest()
             return hashlib.sha256((pickle.dumps(obj))).hexdigest()
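Review bot: The header on the added line `header = f"{obj.shape}|{obj.dtype}|".encode()` is built from `str()` output and joined to the raw bytes with a `|` separator but no length field, so the boundary between metadata and data depends on what those string forms happen to contain. A fixed-width length prefix for the header, or separate `update()` calls for shape, dtype and data with each preceded by its length, would make the encoding unambiguous by construction. It is also worth documenting that every ndarray digest now differs from what the removed line produced, so anything persisted under the old keys will no longer match.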
    
  • tests/multimodal/test_hasher.py · +15 -1 · modified
    @@ -26,9 +26,23 @@ def test_hash_features_ndarray(self):
             """Test hash features with numpy ndarray"""
             arr = np.random.randint(low=0, high=255, size=(28, 28), dtype=np.uint8)
             arr_hash = MultimodalHasher.hash_features(arr)
    -        target_hash = hashlib.sha256((arr.tobytes())).hexdigest()
    +        header = f"{arr.shape}|{arr.dtype}|".encode()
    +        target_hash = hashlib.sha256(header + arr.tobytes()).hexdigest()
             assert arr_hash == target_hash, f"Ndarray hash mismatch: {arr_hash} != {target_hash}"
     
    +    def test_hash_features_ndarray_shape_sensitivity(self):
    +        """Arrays with same bytes but different shapes must produce different hashes"""
    +        base = np.arange(24, dtype=np.float32)
    +        a = base.reshape(6, 4)
    +        b = base.reshape(4, 6)
    +        assert MultimodalHasher.hash_features(a) != MultimodalHasher.hash_features(b)
    +
    +    def test_hash_features_ndarray_dtype_sensitivity(self):
    +        """Arrays with same shape but different dtypes must produce different hashes"""
    +        a = np.zeros((4, 4), dtype=np.float32)
    +        b = np.zeros((4, 4), dtype=np.float64)
    +        assert MultimodalHasher.hash_features(a) != MultimodalHasher.hash_features(b)
    +
         def test_hash_features_object(self):
             """Test hash features with unsupported object type"""
             obj = {"key": "value"}
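Review bot: `test_hash_features_ndarray_dtype_sensitivity` does not exercise the fix: `np.zeros((4, 4), dtype=np.float32)` and `np.zeros((4, 4), dtype=np.float64)` serialize to 64 and 128 zero bytes, so their digests already differed under the removed `hashlib.sha256((arr.tobytes()))` form. Use two dtypes of equal item size, for example `np.float32` against `np.int32` with the same shape, so the raw bytes are identical and only the header separates them. The updated `target_hash` in `test_hash_features_ndarray` also repeats the implementation's header expression, so it checks that both sides agree rather than that the format is the intended one.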
    

Vulnerability mechanics

Root cause

"The hashing mechanism in MultimodalHasher did not sufficiently account for array shape and data type, leading to hash collisions."

Attack vector

An attacker with local access can exploit this vulnerability by providing specially crafted input data to the `hash_features` function. This input can be manipulated to produce a weak hash, potentially leading to unintended consequences within the application. The attack requires a high level of complexity and is considered difficult to execute.

Affected code

The vulnerability resides in the `hash_features` function located in the file `fastdeploy/multimodal/hasher.py`. The commit associated with the fix modifies this function to address hash collision risks related to ndarray shapes and data types [ref_id=1].

What the fix does

The patch modifies the `hash_features` function to include the array's shape and data type in the hash calculation. This is achieved by prepending a header string containing this metadata to the data being hashed. By incorporating shape and dtype, the fix ensures that arrays with different structures or types, even if they contain similar byte data, will produce distinct hashes, thereby mitigating hash collision risks [patch_id=4787686].
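
The collision class the fix closes, as an added example that is not FastDeploy code: it uses the standard library's `memoryview` as a stand-in for `np.ndarray` (an assumption, so `view.format` takes the place of `dtype`) and reports which buffers share a key under the pre-fix scheme but not under the post-fix one. The names `legacy_key`, `fixed_key`, `aliased_groups` and `SAMPLES` are hypothetical.

```python
import hashlib
import struct
from collections import defaultdict


def legacy_key(view: memoryview) -> str:
    """Pre-fix scheme from the diff: digest of the raw bytes only."""
    return hashlib.sha256(view.tobytes()).hexdigest()


def fixed_key(view: memoryview) -> str:
    """Post-fix scheme: shape and element type are hashed ahead of the bytes.

    Assumption: memoryview.format stands in for the ndarray dtype.
    """
    header = f"{tuple(view.shape)}|{view.format}|".encode()
    return hashlib.sha256(header + view.tobytes()).hexdigest()


def aliased_groups(named_views: dict) -> list:
    """Return sorted name groups that share a legacy key but not a fixed key."""
    buckets = defaultdict(list)
    for name, view in named_views.items():
        buckets[legacy_key(view)].append(name)
    groups = []
    for names in buckets.values():
        # More than one fixed key in a bucket means the legacy key conflated
        # buffers that differ in layout or element type.
        if len({fixed_key(named_views[n]) for n in names}) > 1:
            groups.append(sorted(names))
    return sorted(groups)


# Constructed sample data: 24 float32 values, mirroring the shape test in the patch.
RAW = struct.pack("24f", *range(24))
SAMPLES = {
    "f32_6x4": memoryview(RAW).cast("f", shape=(6, 4)),
    "f32_4x6": memoryview(RAW).cast("f", shape=(4, 6)),
    "u8_96": memoryview(RAW),  # same 96 bytes viewed as unsigned bytes
    "f32_other": memoryview(struct.pack("24f", *range(1, 25))).cast("f", shape=(6, 4)),
}

if __name__ == "__main__":
    for group in aliased_groups(SAMPLES):
        print("legacy key shared by:", ", ".join(group))
```
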

Preconditions

  • input: Specially crafted input data for the `hash_features` function.
  • auth: Local access to the affected system.

Generated on Jun 4, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

7
