Low severity3.6NVD Advisory· Published Jun 4, 2026· Updated Jun 10, 2026
CVE-2026-10804
CVE-2026-10804
Description
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a high level of complexity. The exploitability is considered difficult. The exploit has been disclosed to the public and may be used. The pull request to fix this issue awaits acceptance.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=1.53.0
Patches
Vulnerability mechanics
References
6- github.com/streamlit/streamlit/issues/14622nvdIssue TrackingMitigationPatch
- github.com/streamlit/streamlit/pull/14635nvdIssue TrackingPatch
- vuldb.com/cve/CVE-2026-10804nvdThird Party AdvisoryVDB Entry
- vuldb.com/submit/831508nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/368253nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/368253/ctinvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.