CVE-2026-36719
Description
AgentChat v2.3.0 has an info disclosure flaw in the /api/v1/user/info endpoint, exposing password hashes via user ID enumeration.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
An information disclosure vulnerability exists in AgentChat versions up to and including v2.3.0. The /api/v1/user/info endpoint fails to filter sensitive fields, returning all database fields, including SHA256 password hashes without salt, when queried with a user ID. This issue is present in /src/backend/agentchat/api/v1/user.py, /src/backend/agentchat/api/services/user.py, and /src/backend/agentchat/database/dao/user.py [1].
Exploitation
An unauthenticated attacker can exploit this vulnerability by enumerating user IDs and sending requests to the /api/v1/user/info endpoint. The API will return sensitive user information, including password hashes, for each queried user ID without requiring any authentication or authorization [1].
Impact
Successful exploitation allows an attacker to obtain sensitive information, specifically SHA256 password hashes for any user. These hashes can then be subjected to rainbow table attacks or online cracking services to potentially recover user passwords, significantly compromising user account security [1].
Mitigation
It is recommended to implement proper field filtering to exclude sensitive data from API responses, use cryptographically secure salted password hashing algorithms, and apply proper authentication and authorization checks. The available references do not specify a fixed version or release date for this vulnerability [1].
AI Insight generated on Jun 9, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: =2.3.0
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"The /api/v1/user/info endpoint returns all database fields without proper filtering, including sensitive information such as password hashes."
Attack vector
An unauthenticated attacker can exploit this vulnerability by sending requests to the `/api/v1/user/info` endpoint. By enumerating user IDs, the attacker can trigger the endpoint to return all user data, which includes SHA256 password hashes without salt. This information can then be used for offline cracking attempts [1].
Affected code
The vulnerability resides in the `/api/v1/user/info` endpoint, specifically within the `UserService.get_user_info_by_id` method and the `UserDao.get_user` method. These functions retrieve user information from the database and return all fields without filtering sensitive data like password hashes [1].
What the fix does
The advisory recommends implementing proper field filtering to exclude sensitive data from API responses, using cryptographically secure salted password hashing algorithms, and applying proper authentication and authorization checks. The patch is not available in the provided bundle, so the exact code changes are not detailed.
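The three recommendations combined in one sketch. This is an added example, not AgentChat's code or its patch; the column names, the `dao_get_user` callable, the self-only access rule and the scrypt parameters are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Hypothetical allowlist: only these columns may ever leave the API.
PUBLIC_USER_FIELDS = ("user_id", "user_name", "user_avatar")
# Assumed scrypt cost parameters (about 16 MiB of memory per hash).
N, R, P, KEY_LEN = 2**14, 8, 1, 32


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P, dklen=KEY_LEN)


def hash_password(password: str) -> str:
    """Salted, memory-hard hash stored as 'scrypt$<salt hex>$<key hex>'."""
    salt = os.urandom(16)  # fresh random salt for every password
    return f"scrypt${salt.hex()}${_derive(password, salt).hex()}"


def verify_password(password: str, stored: str) -> bool:
    try:
        scheme, salt_hex, key_hex = stored.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(key_hex)
    except ValueError:  # malformed record: fail closed
        return False
    if scheme != "scrypt":
        return False
    return hmac.compare_digest(_derive(password, salt), expected)


def public_user_view(row: dict) -> dict:
    """Allowlist filter: columns added to the table later stay private by default."""
    return {k: row[k] for k in PUBLIC_USER_FIELDS if k in row}


def get_user_info(requester_id, target_id, dao_get_user) -> dict:
    """Service-layer lookup with authentication, authorization and filtering."""
    if requester_id is None:
        raise PermissionError("authentication required")
    if requester_id != target_id:  # assumed policy: users read only their own record
        raise PermissionError("not authorized for this user")
    row = dao_get_user(target_id)
    if row is None:
        raise LookupError("user not found")
    return public_user_view(row)
```

An allowlist is used rather than deleting the password key from the row, so a new sensitive column is not exposed until someone deliberately adds it to `PUBLIC_USER_FIELDS`.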
Preconditions
- auth: The attacker does not need to be authenticated.
Generated on Jun 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
News mentions
No linked articles in our index yet.