Skip to main content

Langchain-Chatchat CVE-2026-7847

| EUVDEUVD-2026-27408 LOW
Use of Insufficiently Random Values (CWE-330)
2026-05-05 VulDB GHSA-jv4p-mhmp-69vw
1.2
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
1.2 LOW
CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
May 05, 2026 - 17:31 vuln.today
CVSS changed
May 05, 2026 - 17:22 NVD
2.6 (LOW) 1.2 (LOW)

DescriptionCVE.org

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently random values. Access to the local network is required for this attack. The attack's complexity is rated as high. The exploitability is described as difficult. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Insufficiently random file ID generation in Langchain-Chatchat up to version 0.3.1.3 allows authenticated local network attackers to predict uploaded file identifiers via the _get_file_id function, enabling information disclosure. The vulnerability requires local network access and authenticated privileges but carries low exploitability due to high attack complexity. A public exploit is available, though the project has not responded to early disclosure notifications.

Technical ContextAI

The vulnerability exists in the file ID generation mechanism within libs/chatchat-server/chatchat/server/api_server/openai_routes.py, specifically in the _get_file_id function. CWE-330 (Use of Insufficiently Random Values) indicates that the function does not generate cryptographically secure random identifiers for uploaded files. This allows an attacker with network access to the application to predict or enumerate valid file IDs, bypassing the intended randomness that protects file access control. The affected product is Langchain-Chatchat, an LLM-based chat application built on the Langchain framework, making file upload handling a critical security component.

RemediationAI

Upgrade Langchain-Chatchat to a version newer than 0.3.1.3 once a patched release is available. As of now, the vendor has not responded to disclosure notifications and no patched version has been confirmed released. Immediate compensating controls include: restrict file upload functionality to trusted internal networks only by implementing network-level access controls (firewall rules limiting access to the upload endpoint), require strong authentication with session management and rate limiting on file upload requests to raise attack complexity further, disable the file upload feature entirely if not essential to operations until a vendor patch is released, and implement monitoring and logging of file ID access patterns to detect enumeration attempts. Each mitigation has trade-offs: disabling uploads removes functionality entirely; network restriction limits legitimate remote users; rate limiting may impact user experience during bulk operations. Monitor the GitHub issue https://github.com/chatchat-space/Langchain-Chatchat/issues/5464 and the project repository for patch announcements.

Share

CVE-2026-7847 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy