VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-e33n-whey-23d9

Essentials
Severities (16)
References (7)
Severity details (15)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-e33n-whey-23d9
Aliases	CVE-2025-69207 GHSA-6whj-7qmg-86qj
Summary	Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was initiated by that user, allowing attackers to replace victims' Notion configurations with their own, resulting in data poisoning and unauthorized access to the victim's Khoj search index. This attack requires knowing the user's UUID which can be leaked through shared conversations where an AI generated image is present. This vulnerability is fixed in 2.0.0-beta.23.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-639	Authorization Bypass Through User-Controlled Key
CWE-862	Missing Authorization
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00013	https://api.first.org/data/v1/epss?cve=CVE-2025-69207
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-6whj-7qmg-86qj
cvssv3.1	5.4	https://github.com/khoj-ai/khoj
generic_textual	MODERATE	https://github.com/khoj-ai/khoj
cvssv3.1	5.4	https://github.com/khoj-ai/khoj/commit/1b7ccd141d47f365edeccc57d7316cb0913d748b
generic_textual	MODERATE	https://github.com/khoj-ai/khoj/commit/1b7ccd141d47f365edeccc57d7316cb0913d748b
ssvc	Track	https://github.com/khoj-ai/khoj/commit/1b7ccd141d47f365edeccc57d7316cb0913d748b
cvssv3.1	5.4	https://github.com/khoj-ai/khoj/releases/tag/2.0.0-beta.23
generic_textual	MODERATE	https://github.com/khoj-ai/khoj/releases/tag/2.0.0-beta.23
ssvc	Track	https://github.com/khoj-ai/khoj/releases/tag/2.0.0-beta.23
cvssv3.1	5.4	https://github.com/khoj-ai/khoj/security/advisories/GHSA-6whj-7qmg-86qj
cvssv3.1_qr	MODERATE	https://github.com/khoj-ai/khoj/security/advisories/GHSA-6whj-7qmg-86qj
generic_textual	MODERATE	https://github.com/khoj-ai/khoj/security/advisories/GHSA-6whj-7qmg-86qj
ssvc	Track	https://github.com/khoj-ai/khoj/security/advisories/GHSA-6whj-7qmg-86qj
cvssv3.1	5.4	https://nvd.nist.gov/vuln/detail/CVE-2025-69207
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2025-69207

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2025-69207
		https://github.com/khoj-ai/khoj
1b7ccd141d47f365edeccc57d7316cb0913d748b		https://github.com/khoj-ai/khoj/commit/1b7ccd141d47f365edeccc57d7316cb0913d748b
2.0.0-beta.23		https://github.com/khoj-ai/khoj/releases/tag/2.0.0-beta.23
CVE-2025-69207		https://nvd.nist.gov/vuln/detail/CVE-2025-69207
GHSA-6whj-7qmg-86qj		https://github.com/advisories/GHSA-6whj-7qmg-86qj
GHSA-6whj-7qmg-86qj		https://github.com/khoj-ai/khoj/security/advisories/GHSA-6whj-7qmg-86qj

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Found at https://github.com/khoj-ai/khoj

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Found at https://github.com/khoj-ai/khoj/commit/1b7ccd141d47f365edeccc57d7316cb0913d748b

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:44:16Z/ Found at https://github.com/khoj-ai/khoj/commit/1b7ccd141d47f365edeccc57d7316cb0913d748b

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Found at https://github.com/khoj-ai/khoj/releases/tag/2.0.0-beta.23

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:44:16Z/ Found at https://github.com/khoj-ai/khoj/releases/tag/2.0.0-beta.23

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Found at https://github.com/khoj-ai/khoj/security/advisories/GHSA-6whj-7qmg-86qj

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:44:16Z/ Found at https://github.com/khoj-ai/khoj/security/advisories/GHSA-6whj-7qmg-86qj

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2025-69207

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.01988
EPSS Score	0.00013
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T17:16:32.279777+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2025/69xxx/CVE-2025-69207.json	38.6.0