A vulnerability was found in modelscope ms-swift up to 4.2.0 . It has been rated as critical . This affects the function Template._save_pil_image of the file swift/template/base.py of the component PIL Image Cache Key Handler . The manipulation leads to use of weak hash. This vulnerability is traded as CVE-2026-10801 . An attack has to be approached locally. Furthermore, there is an exploit available. The pull request to fix this issue awaits acceptance.