Skip to main content

LobeChat CVE-2026-59100

| EUVDEUVD-2026-41431 LOW
Authorization Bypass Through User-Controlled Key (CWE-639)
2026-07-02 VulnCheck GHSA-hgpq-q5hf-7r77
2.3
CVSS 4.0 · Vendor: VulnCheck

Severity by source

Vendor (VulnCheck) PRIMARY
2.3 MEDIUM
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.0 MEDIUM

Network-reachable BOLA requiring group ID enumeration (AC:H); authenticated low-privilege session (PR:L); limited read, write, and disruptive impact on user data only with no scope change (C:L/I:L/A:L, S:U).

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
4.0 AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jul 02, 2026 - 20:39 vuln.today
Severity Changed
Jul 02, 2026 - 20:22 NVD
MEDIUM LOW
CVSS changed
Jul 02, 2026 - 20:22 NVD
5.0 (MEDIUM) 2.3 (LOW)

DescriptionCVE.org

LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying arbitrary group identifiers. Attackers can invoke the getGroupAgents, updateAgentInGroup, and removeAgentsFromGroup operations without user-scoped predicates to read agent listings, modify agent roles and ordering, and remove agents from chat groups belonging to other users.

AnalysisAI

Broken object level authorization in LobeChat through version 2.2.9 permits authenticated users to read and manipulate chat-group agent data belonging to other users by supplying arbitrary group identifiers to unguarded API operations. The getGroupAgents, updateAgentInGroup, and removeAgentsFromGroup endpoints accept caller-controlled group IDs without validating ownership, enabling cross-user data access and modification. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate as standard LobeChat user
Delivery
Enumerate or guess target user's group identifiers
Exploit
Invoke getGroupAgents with foreign group ID
Execution
Read victim's agent listing
Persist
Call updateAgentInGroup or removeAgentsFromGroup
Impact
Modify or remove victim's chat-group agent configuration

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid authenticated session in the LobeChat instance - at minimum a standard user account (CVSS PR:L). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 2.3 with vector AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N places this firmly in the low-severity tier, and the signal convergence across available data supports that classification. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated LobeChat user with a standard account leverages the publicly available proof-of-concept from GitHub issue #16537 to enumerate or brute-force group identifiers belonging to other users on the same instance, then invokes getGroupAgents to harvest the victim's agent configuration. The attacker subsequently calls updateAgentInGroup or removeAgentsFromGroup with the victim's group ID to silently tamper with or disrupt the victim's chat-group agent setup. …
Remediation An upstream fix has been committed to the LobeHub repository via commit 9ed5a7e20d8a67c431265f5a252e9559d9920907 (https://github.com/lobehub/lobehub/commit/9ed5a7e20d8a67c431265f5a252e9559d9920907) and merged through pull request #16586 (https://github.com/lobehub/lobehub/pull/16586); however, a specific tagged release version incorporating this fix is not independently confirmed from available data - operators should monitor the LobeHub release page for a version beyond 2.2.9 that includes this commit. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-59100 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy