CVE-2026-8786
Description
A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the component Config API Endpoint. The manipulation of the argument kbId leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An IDOR vulnerability in WeKnora up to 0.3.6 allows any authenticated user to read or modify any knowledge base's configuration without cross-tenant authorization checks.
Vulnerability
The getKnowledgeBaseForInitialization function in internal/handler/initialization.go of Tencent WeKnora up to version 0.3.6 lacks object-level authorization. The function retrieves a Knowledge Base solely by its globally unique kbId without verifying that the requesting user's tenant has permission to access that Knowledge Base. This affects the configuration readout (GET /api/v1/initialization/config/{kbId}), API config update (PUT /api/v1/initialization/config/{kbId}), and initialization execution (POST /api/v1/initialization/kb/{kbId}) endpoints. Unlike other endpoints like CopyKnowledgeBase which enforce tenant context using GetKnowledgeBaseByIDAndTenant, this retrieval path fails to validate the active request's TenantID [1].
Exploitation
An attacker only needs valid authentication to the WeKnora instance. No special privileges or prior knowledge about the target tenant is required. The attacker can enumerate or guess a victim’s kbId and then issue a request to any of the three vulnerable endpoints. For write operations (config update), the API imposes a model validation check that can be bypassed by the attacker first creating fake LLM and Embedding models within their own tenant, then referencing those models in the update payload for the victim's Knowledge Base configuration [1].
Impact
A successful attack permits unauthorized reading and arbitrary modification of any Knowledge Base's configuration (including chunk size, overlap, separators, and LLM model settings). This leads to cross-tenant information disclosure and logical disruption of the victim's knowledge base operations. Since this is an authorization bypass affecting the initialization process, the attacker can effectively control how a victim’s Knowledge Base processes data, potentially causing data corruption or service degradation [1].
Mitigation
As of the disclosed date (2026-05-18), no official fix has been released. The vendor was contacted but did not respond. The vulnerability affects WeKnora versions up to and including 0.3.6. The recommended workaround is to apply input validation on the kbId parameter and enforce tenant context checks (similar to the already-patched CopyKnowledgeBase endpoint) until an official patch is made available [1].
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- gist.github.com/YLChen-007/1cdc50418f29af7ae671466425e52c7bnvdExploitThird Party Advisory
- vuldb.com/submit/812172nvdExploitThird Party AdvisoryVDB Entry
- vuldb.com/vuln/364410nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/364410/ctinvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.