Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable but requires authenticated low-priv account and high complexity to forge session hash; impact is limited to partial confidentiality of conversation history with no integrity or availability consequence.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
A vulnerability has been found in ForceInjection AI-fundermentals 2.0/3.0. Affected by this vulnerability is the function get_conversation_history of the file 08_agentic_system/memory/langchain/code/smart_customer_service.py of the component Memory Recall Handler. The manipulation leads to use of weak hash. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is f57277fdd9ba373ace72d83c272023ec67f720d6. It is suggested to install a patch to address this issue. The project confirms (translated from Chinese): "We now require session ownership verification in methods such as username, sessionowner, etc., and we've chat()changed the generation of sessionowner to include verified user identity and security context metadata."
AnalysisAI
Weak session hash generation in ForceInjection AI-fundermentals 2.0 and 3.0 exposes conversation history belonging to other users in shared deployments. The get_conversation_history function in the Memory Recall Handler generates sessionowner tokens using a cryptographically weak hash algorithm (CWE-328), allowing a low-privileged authenticated attacker to predict or brute-force another user's session identifier and retrieve their prior conversation records. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires a valid low-privileged authenticated account on the target AI-fundermentals instance (confirmed by PR:L in the CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 score of 2.3 accurately characterizes this as a low-severity finding. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An authenticated low-privileged user on a shared AI-fundermentals deployment crafts or enumerates `sessionowner` hash values by exploiting the weak hash algorithm used during token generation. Using the publicly available proof-of-concept from GitHub issue #17 (https://github.com/ForceInjection/AI-fundamentals/issues/17) as a reference, the attacker identifies a valid token for another user's session and calls `get_conversation_history` with the forged token, retrieving that user's prior conversation records including potentially sensitive customer service interactions. … |
| Remediation | Apply the upstream fix by pulling commit f57277fdd9ba373ace72d83c272023ec67f720d6 from https://github.com/ForceInjection/AI-fundamentals/commit/f57277fdd9ba373ace72d83c272023ec67f720d6 or merging PR #18 at https://github.com/ForceInjection/AI-fundamentals/pull/18; a tagged release version has not been independently confirmed, so operators should verify the fix is included in the deployed branch. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-328 – Use of Weak Hash
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41677
GHSA-g4xw-pv27-8m29