A couple of things:

1) It’s very fast. “How is that a disadvantage?” you may ask. Don’t we want computers to be fast? Well, not in this case. For one, you don’t need the speed. If your login takes 500 ms instead of 0.5 ms because of a slow hash function, you don’t really mind. On the other hand, being able to calculate a billion MD5 hashes per second instead of ten thousand increases the speed of brute force attacks significantly, making your hashes less secure.

This is bad in it’s own right, but it doesn’t even matter with MD5, because

2) It’s susceptible to so called “collision attacks”. A collision attack operates on a simple principle: since a hash function produces a fixed length output from variable length input, there will be multiple inputs with the same hash. If I can craft my own input with the expected hash, I can pass of forged things as valid.

By their nature, all hash functions have collisions, but for *good* hash functions finding these collisions should be no easier than just guessing. For MD5, it is *significantly* easier, making it broken by today’s metrics.