CVE-2026-30855
HIGH
GHSA-ccj6-79j6-cq5q
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4Description
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This enables cross-tenant account takeover and destruction, making the impact critical. This issue has been patched in version 0.3.2.
Analysis
Insufficient authorization checks in WeKnora's tenant management endpoints allow any authenticated user to read, modify, or delete arbitrary tenants, with public exploit code available. Since the application allows open registration, unauthenticated attackers can register an account and exploit this flaw to perform cross-tenant account takeover and data destruction. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all WeKnora deployments and assess if they support multiple tenants; disable WeKnora if business-critical and no mitigation available. Within 7 days: Implement network segmentation to restrict WeKnora access to authorized personnel only; enable comprehensive audit logging of tenant operations; notify affected customers of exposure window. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today