CVE-2026-11479: A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown processing of the file ind
Summary
A vulnerability (CVE-2026-11479) was found in grepai version 0.35.0 that involves the use of weak hash functions (a cryptographic method that doesn't adequately scramble data) in the file indexer/chunker.go, which is part of the Qdrant Backend component. The vulnerability is difficult to exploit and requires remote access with user credentials, though the exploit details have been publicly disclosed.
Vulnerability Details
4.2(medium)
EPSS: 0.0%
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
network
high
low
none
June 7, 2026
Classification
Affected Vendors
Related Issues
CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling
CVE-2026-26190: Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus expose
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-11479
First tracked: June 8, 2026 at 02:07 AM
Classified by LLM (prompt v3) · confidence: 65%