Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable WebSocket, no attacker auth (PR:N) but requires obtaining a valid sessionId (AC:H); scope changes as attacker gains victim's identity/permissions; no availability impact.
Primary rating from Vendor (VulnCheck).
CVSS VectorVendor: VulnCheck
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the restore_existing_session path to assume a victim's permissions and roles, enabling unauthorized invocation of tools and access to data restricted to the authenticated victim.
AnalysisAI
Session hijacking in Chainlit before 2.10.1 allows remote attackers with a valid victim sessionId to inherit an authenticated user's session via the WebSocket restore_existing_session path, which fails to verify session ownership. Successful exploitation grants the attacker the victim's roles and permissions, enabling unauthorized tool invocation and access to restricted data. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Attacker must possess a valid, currently-active sessionId belonging to an authenticated Chainlit user and must be able to reach the Chainlit WebSocket endpoint over the network. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base score of 8.8 reflects network reach with high confidentiality and integrity impact on both the vulnerable and a subsequent system (the connected backend tools and data), but AC:H and PR:L indicate exploitation is non-trivial and requires the attacker to first obtain a valid victim sessionId - for example via log leakage, referrer exposure, XSS, or network interception. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who obtains a valid Chainlit sessionId for an authenticated user - for example from a leaked browser log, a shared screenshot, an HTTP referrer, or a network capture - opens a WebSocket connection and invokes the restore_existing_session path with that sessionId. Chainlit rebinds the existing authenticated identity to the attacker's socket, allowing them to invoke tools and read data as the victim. … |
| Remediation | Vendor-released patch: upgrade Chainlit to 2.10.1 or later (https://github.com/Chainlit/chainlit/releases/tag/2.10.1), which adds session-ownership validation on WebSocket restore via PR #2857 (commit 5effb664f1e0af4a4f0a42fe63ea979676039a7f). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
24 hours: Inventory all Chainlit deployments, identify current versions, and determine criticality of systems running vulnerable versions. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Server-side request forgery in Chainlit before 2.9.4 lets an authenticated user coerce the server into fetching an attac
Arbitrary file read in Chainlit versions prior to 2.9.4 lets an authenticated user disclose any file readable by the Cha
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38285
GHSA-c39v-8hrw-h448