{"data":{"id":"47ad55dc-0ace-4746-ac10-039ff51f850a","title":"CVE-2026-7844: A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function","summary":"A vulnerability in Langchain-Chatchat (a chatbot framework) up to version 0.3.1.3 allows attackers on the same local network to access file operations without authentication (missing authentication, meaning no login check). The vulnerability affects file-related functions like listing, retrieving, and deleting files, and the exploit code is now publicly available.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-7844","publishedAt":"2026-05-05T16:16:19.217Z","cveId":"CVE-2026-7844","cweIds":["CWE-287","CWE-306"],"cvssScore":"6.3","cvssSeverity":"medium","severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["LangChain"],"affectedVendorsRaw":["Langchain-Chatchat","chatchat-space"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","attackVector":"adjacent","attackComplexity":"low","privilegesRequired":"none","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-05-05T16:16:19.217Z","capecIds":["CAPEC-114","CAPEC-115"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}