23 matches found
CVE-2026-7844
A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/listfiles/retrievefile/retrievefilecontent/deletefile of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Compatible File Service...
EUVD-2026-27408
A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...
EUVD-2026-27390
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...
CVE-2026-7847 chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values
A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...
CVE-2026-7847
A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...
CVE-2026-7847
CVE-2026-7847 affects chatchat-space Langchain-Chatchat up to v0.3.1.3. The vulnerability is in the function _get_file_id within libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the Uploaded File Handler. Manipulation leads to insufficiently random values, with local-network ac...
CVE-2026-7847 chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values
A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...
CVE-2026-7846
A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument file.filename leads to...
CVE-2026-7846 chatchat-space Langchain-Chatchat OpenAI-Compatible File Upload API openai_routes.py files toctou
A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument file.filename leads to...
CVE-2026-7846 chatchat-space Langchain-Chatchat OpenAI-Compatible File Upload API openai_routes.py files toctou
A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument file.filename leads to...
CVE-2026-7845
The CVE-2026-7845 issue affects chatchat-space Langchain-Chatchat (up to 0.3.1.3). It targets the Vision Chat Paste Image Handler: the function PIL.Image.tobytes in libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py, via manipulation of paste_image.image_data, leads to the use of a we...
CVE-2026-7845 chatchat-space Langchain-Chatchat Vision Chat Paste Image dialogue.py PIL.Image.tobytes weak hash
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...
CVE-2026-7845
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...
CVE-2026-7845 chatchat-space Langchain-Chatchat Vision Chat Paste Image dialogue.py PIL.Image.tobytes weak hash
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...
CVE-2026-7844
A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/listfiles/retrievefile/retrievefilecontent/deletefile of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Compatible File Service...
CVE-2026-7844 chatchat-space Langchain-Chatchat Compatible File Service openai_routes.py delete_file missing authentication
A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/listfiles/retrievefile/retrievefilecontent/deletefile of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Compatible File Service...
CVE-2026-7844
CVE-2026-7844 concerns the chatchat-space Langchain-Chatchat project up to version 0.3.1.3. The vulnerability resides in the Compatible File Service, specifically the function set in libs/chatchat-server/chatchat/server/api_server/openai_routes.py (delete_file, as well as related file endpoints l...
PT-2026-37082
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webui pages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument paste...
PT-2026-37081
A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/list files/retrieve file/retrieve file content/delete file of the file libs/chatchat-server/chatchat/server/api server/openai routes.py of the component Compatible File...
CVE-2025-6855 chatchat-space Langchain-Chatchat file path traversal
A vulnerability, which was classified as critical, has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This issue affects some unknown processing of the file /v1/file. The manipulation of the argument flag leads to path traversal. The exploit has been disclosed to the public and may ...