CVE-2026-13513

Name of the Vulnerable Software and Affected Versions MyScale MyScaleDB versions prior to 1.8.1

Description Insufficient verification of data authenticity occurs within the SegmentId::getCacheKey() function located in the src/VectorIndex/Common/SegmentId.h library. This flaw allows for remote attacks, although they are characterized by high complexity and difficult exploitability.

Recommendations As a temporary workaround, restrict access to the SegmentId::getCacheKey() function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.