{"url":"http://public2.vulnerablecode.io/api/packages/926091?format=json","purl":"pkg:npm/%40lobehub/chat@1.136.12","type":"npm","namespace":"@lobehub","name":"chat","version":"1.136.12","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.143.3","latest_non_vulnerable_version":"1.143.3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66732?format=json","vulnerability_id":"VCID-er7s-fgbe-sbfs","summary":"LobeHub is an open source human-and-AI-agent network. Prior to version 1.143.3, the file upload feature in `Knowledge Base > File Upload` does not validate the integrity of the upload request, allowing users to intercept and modify the request parameters. As a result, it is possible to create arbitrary files in abnormal or unintended paths. In addition, since `lobechat.com` relies on the size parameter from the request to calculate file usage, an attacker can manipulate this value to misrepresent the actual file size, such as uploading a `1 GB` file while reporting it as `10 MB`, or falsely declaring a `10 MB` file as a `1 GB` file. By manipulating the size value provided in the client upload request, it is possible to bypass the monthly upload quota enforced by the server and continuously upload files beyond the intended storage and traffic limits. This abuse can result in a discrepancy between actual resource consumption and billing calculations, causing direct financial impact to the service operator. Additionally, exhaustion of storage or related resources may lead to degraded service availability, including failed uploads, delayed content delivery, or temporary suspension of upload functionality for legitimate users. A single malicious user can also negatively affect other users or projects sharing the same subscription plan, effectively causing an indirect denial of service (DoS). Furthermore, excessive and unaccounted-for uploads can distort monitoring metrics and overload downstream systems such as backup processes, malware scanning, and media processing pipelines, ultimately undermining overall operational stability and service reliability. Version 1.143.3 contains a patch for the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23835","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13198","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13282","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13307","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13299","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23835"},{"reference_url":"https://github.com/lobehub/lobehub","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobehub"},{"reference_url":"https://github.com/lobehub/lobehub/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobehub/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23835","reference_id":"CVE-2026-23835","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23835"},{"reference_url":"https://github.com/advisories/GHSA-wrrr-8jcv-wjf5","reference_id":"GHSA-wrrr-8jcv-wjf5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wrrr-8jcv-wjf5"},{"reference_url":"https://github.com/lobehub/lobehub/security/advisories/GHSA-wrrr-8jcv-wjf5","reference_id":"GHSA-wrrr-8jcv-wjf5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-30T20:21:13Z/"}],"url":"https://github.com/lobehub/lobehub/security/advisories/GHSA-wrrr-8jcv-wjf5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38472?format=json","purl":"pkg:npm/%40lobehub/chat@1.143.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@1.143.3"}],"aliases":["CVE-2026-23835","GHSA-wrrr-8jcv-wjf5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-er7s-fgbe-sbfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66820?format=json","vulnerability_id":"VCID-gz61-9wgj-audn","summary":"LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23522","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20708","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20709","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20531","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20731","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23522"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6","reference_id":"2c1762b85acb84467ed5e799afe1499cd2f912e6","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T21:35:33Z/"}],"url":"https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23522","reference_id":"CVE-2026-23522","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23522"},{"reference_url":"https://github.com/advisories/GHSA-j7xp-4mg9-x28r","reference_id":"GHSA-j7xp-4mg9-x28r","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j7xp-4mg9-x28r"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r","reference_id":"GHSA-j7xp-4mg9-x28r","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T21:35:33Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"}],"fixed_packages":[],"aliases":["CVE-2026-23522","GHSA-j7xp-4mg9-x28r"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gz61-9wgj-audn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66836?format=json","vulnerability_id":"VCID-r5vz-1385-kqh9","summary":"LobeChat is an open source chat application platform. Prior to version 2.0.0-next.180, a stored Cross-Site Scripting (XSS) vulnerability in the Mermaid artifact renderer allows attackers to execute arbitrary JavaScript within the application context. This XSS can be escalated to Remote Code Execution (RCE) by leveraging the exposed `electronAPI` IPC bridge, allowing attackers to run arbitrary system commands on the victim's machine. Version 2.0.0-next.180 patches the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23733","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35668","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35673","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35688","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35489","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23733"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23733","reference_id":"CVE-2026-23733","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23733"},{"reference_url":"https://github.com/advisories/GHSA-4gpc-rhpj-9443","reference_id":"GHSA-4gpc-rhpj-9443","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4gpc-rhpj-9443"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-4gpc-rhpj-9443","reference_id":"GHSA-4gpc-rhpj-9443","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T19:37:28Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-4gpc-rhpj-9443"},{"reference_url":"https://github.com/lobehub/lobehub/security/advisories/GHSA-4gpc-rhpj-9443","reference_id":"GHSA-4gpc-rhpj-9443","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobehub/security/advisories/GHSA-4gpc-rhpj-9443"}],"fixed_packages":[],"aliases":["CVE-2026-23733","GHSA-4gpc-rhpj-9443"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5vz-1385-kqh9"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@1.136.12"}