VYPR

Langchain Chatchat

by Chatchat Space

Source repositories

CVEs (7)

  • CVE-2026-7844MedMay 5, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/list_files/retrieve_file/retrieve_file_content/delete_file of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component…

  • CVE-2025-6853MedJun 29, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability classified as critical has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This affects the function upload_temp_docs of the file /knowledge_base/upload_temp_docs of the component Backend. The manipulation of the argument flag leads to path…

  • CVE-2025-6855MedJun 29, 2025
    risk 0.36cvss 5.5epss 0.01

    A vulnerability, which was classified as critical, has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This issue affects some unknown processing of the file /v1/file. The manipulation of the argument flag leads to path traversal. The exploit has been disclosed to…

  • CVE-2025-6854MedJun 29, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability classified as problematic was found in chatchat-space Langchain-Chatchat up to 0.3.1. This vulnerability affects unknown code of the file /v1/files?purpose=assistants. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has…

  • CVE-2026-7847LowMay 5, 2026
    risk 0.17cvss 2.6epss 0.00

    A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component Uploaded File Handler. Performing a manipulation results…

  • CVE-2026-7846LowMay 5, 2026
    risk 0.17cvss 2.6epss 0.00

    A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument…

  • CVE-2026-7845LowMay 5, 2026
    risk 0.17cvss 2.6epss 0.00

    A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the…