Submit #807790: chatchat-space Langchain-Chatchat 0.3.1.3 Missing Authorization / CWE-862info

Titlechatchat-space Langchain-Chatchat 0.3.1.3 Missing Authorization / CWE-862
DescriptionA vulnerability was found in chatchat-space Langchain-Chatchat x.x.x.x and classified as critical. Affected by this vulnerability are the functions files(), list_files(), retrieve_file(), retrieve_file_content(), and delete_file() of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py (lines 260–327) of the component OpenAI-Compatible File Service. The manipulation leads to missing authorization. The endpoints POST /v1/files, GET /v1/files, GET /v1/files/{file_id}, GET /v1/files/{file_id}/content, and DELETE /v1/files/{file_id} are exposed without any authentication or authorization check. In deployments where port 7861 is network-accessible — including the default Docker deployment using network_mode: host — any unauthenticated attacker can upload, enumerate, read, and delete files belonging to any user. This is further compounded by CORS configured with allow_origins=["*"], enabling cross-origin exploitation from arbitrary web pages. The attack may be launched remotely without privileges. The exploit has been disclosed to the public. It is recommended to add authentication middleware to all file service endpoints, enforce per-user file ownership validation, and restrict CORS to trusted origins. details: https://github.com/3em0/cve_repo/blob/main/Langchain-Chatchat/Vuln-4-Missing-Auth-File-Endpoints.md
Source⚠️ https://github.com/chatchat-space/Langchain-Chatchat/issues/5465
User
 Dem00 (UID 84913)
Submission04/19/2026 10:12 (3 months ago)
Moderation05/05/2026 12:21 (16 days later)
StatusAccepted
VulDB entry361123 [chatchat-space Langchain-Chatchat up to 0.3.1.3 Compatible File Service openai_routes.py missing authentication]
Points20

Do you know our Splunk app?

Download it now for free!