LOW
wandb
CVE published 2026-07-13
CVE-2026-15605
A security vulnerability has been detected in wandb 0.25.2.dev1, specifically in the ArtifactManifestEntry.download function within the wandb/sdk/lib/hashutil.py file, which is part of the Artifact Integrity Validation component. The issue involves the use of a weak hash. The attack may be initiated remotely, but a high degree of complexity is needed, and exploitability is considered difficult. A pull req [truncated]