Skip to main content

Openviking

5 CVEs product

Monthly

CVE-2026-13507 LOW PATCH Monitor

Insufficient data authenticity verification in volcengine OpenViking's Local VectorDB Primary-key Label Handler (versions up to 0.3.21) allows a remote attacker with low-privilege access to manipulate the ID argument passed to the str_to_uint64 function, potentially enabling limited tampering with vector database primary-key label data. The attack vector is network-accessible but rated highly complex, with CVSS 4.0 score of 2.3 reflecting constrained, low-severity impact across confidentiality, integrity, and availability. No public exploit code exists and no active exploitation has been identified; an upstream fix is pending via an unmerged pull request.

Information Disclosure Openviking
NVD VulDB GitHub
CVSS 4.0
2.3
EPSS
0.1%
CVE-2026-40525 PyPI CRITICAL PATCH GHSA Act Now

OpenViking VikingBot OpenAPI routes permit unauthenticated remote attackers to execute privileged bot-control operations when the api_key configuration is unset or empty. Attackers can submit arbitrary prompts, manipulate bot sessions, and access downstream integrations, secrets, and data without providing valid X-API-Key authentication. Affects OpenViking versions ≤0.3.8; patched in commit c7bb167 (v0.3.9 release). No active exploitation confirmed (not in CISA KEV), but EPSS score of 0.11% suggests low observed exploitation probability. VulnCheck advisory and GitHub patch available.

Authentication Bypass Openviking
NVD GitHub VulDB
CVSS 4.0
9.1
EPSS
0.1%
CVE-2026-22680 PyPI MEDIUM PATCH GHSA This Month

OpenViking versions prior to 0.3.3 expose a missing authorization vulnerability in task polling endpoints that allows unauthenticated remote attackers to enumerate and retrieve background task metadata created by other users, exposing task types, status, resource identifiers, archive URIs, result payloads, and error information. This vulnerability enables information disclosure with a CVSS score of 6.9 and carries particular risk in multi-tenant deployments where cross-tenant data leakage could occur. No public exploit code has been identified at the time of analysis, though the vulnerability requires only network access and no special attack complexity.

Authentication Bypass Openviking
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-34999 MEDIUM PATCH This Month

OpenViking versions 0.2.5 through 0.2.13 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality via POST requests to /bot/v1/chat and /bot/v1/chat/stream endpoints, enabling direct interaction with the upstream bot backend without valid credentials. The vulnerability has a moderate CVSS score of 6.9 due to network accessibility and low confidentiality impact, with public fix availability as of version 0.2.14 reducing immediate risk for patched deployments.

Authentication Bypass Openviking
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-28518 PyPI HIGH This Week

OpenViking 0.2.1 and earlier contain a path traversal vulnerability in .ovpack file imports that enables local attackers to write arbitrary files outside the intended directory by crafting malicious ZIP archives with traversal sequences or absolute paths. An attacker with user interaction can overwrite or create files with the privileges of the importing process, potentially leading to code execution or system compromise. No patch is currently available for this vulnerability.

Path Traversal Openviking
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.0%
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Insufficient data authenticity verification in volcengine OpenViking's Local VectorDB Primary-key Label Handler (versions up to 0.3.21) allows a remote attacker with low-privilege access to manipulate the ID argument passed to the str_to_uint64 function, potentially enabling limited tampering with vector database primary-key label data. The attack vector is network-accessible but rated highly complex, with CVSS 4.0 score of 2.3 reflecting constrained, low-severity impact across confidentiality, integrity, and availability. No public exploit code exists and no active exploitation has been identified; an upstream fix is pending via an unmerged pull request.

Information Disclosure Openviking
NVD VulDB GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

OpenViking VikingBot OpenAPI routes permit unauthenticated remote attackers to execute privileged bot-control operations when the api_key configuration is unset or empty. Attackers can submit arbitrary prompts, manipulate bot sessions, and access downstream integrations, secrets, and data without providing valid X-API-Key authentication. Affects OpenViking versions ≤0.3.8; patched in commit c7bb167 (v0.3.9 release). No active exploitation confirmed (not in CISA KEV), but EPSS score of 0.11% suggests low observed exploitation probability. VulnCheck advisory and GitHub patch available.

Authentication Bypass Openviking
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

OpenViking versions prior to 0.3.3 expose a missing authorization vulnerability in task polling endpoints that allows unauthenticated remote attackers to enumerate and retrieve background task metadata created by other users, exposing task types, status, resource identifiers, archive URIs, result payloads, and error information. This vulnerability enables information disclosure with a CVSS score of 6.9 and carries particular risk in multi-tenant deployments where cross-tenant data leakage could occur. No public exploit code has been identified at the time of analysis, though the vulnerability requires only network access and no special attack complexity.

Authentication Bypass Openviking
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

OpenViking versions 0.2.5 through 0.2.13 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality via POST requests to /bot/v1/chat and /bot/v1/chat/stream endpoints, enabling direct interaction with the upstream bot backend without valid credentials. The vulnerability has a moderate CVSS score of 6.9 due to network accessibility and low confidentiality impact, with public fix availability as of version 0.2.14 reducing immediate risk for patched deployments.

Authentication Bypass Openviking
NVD GitHub VulDB
EPSS 0% CVSS 8.4
HIGH This Week

OpenViking 0.2.1 and earlier contain a path traversal vulnerability in .ovpack file imports that enables local attackers to write arbitrary files outside the intended directory by crafting malicious ZIP archives with traversal sequences or absolute paths. An attacker with user interaction can overwrite or create files with the privileges of the importing process, potentially leading to code execution or system compromise. No patch is currently available for this vulnerability.

Path Traversal Openviking
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy