Description
A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impacts an unknown function of the file src/khoj/routers/api_chat.py of the component Conversation Sharing Handler. This manipulation of the argument conversation.agent causes incorrect authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
Published: 2026-06-28
Score: 5.1 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the Conversation Sharing Handler within the api_chat.py component of Khoj. It is a manifestation of CWE-285 (Broken Access Control) and CWE-863 (Privilege Escalation), where an attacker can manipulate the conversation.agent argument to bypass the intended authorization checks. This allows the API to expose or modify conversation data that the user should not have access to, enabling unauthorized access to privileged resources and potentially leading to data leakage or account compromise.

Affected Systems

The affected product is Khoj by khoj-ai. Versions up to 2.0.0-beta.28 contain the flaw. The relevant component is the Conversation Sharing API exposed via the api_chat.py router. No specific sub-versions beyond the mentioned latest beta are identified as affected.

Risk and Exploitability

The CVSS score of 5.1 indicates moderate severity, while no EPSS data and absence from KEV suggest it is not yet a widely targeted vulnerability. Nevertheless, the exploit is published and remote exploitation is possible, making it a realistic risk for exposed installations. Attackers can manipulate HTTP requests to the Conversation Sharing endpoint to gain excessive permissions, and the lack of an available patch at launch means remediation must wait for an official fix or manual mitigation.

Generated by OpenCVE AI on June 28, 2026 at 23:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Khoj to a version that includes the merged fix for conversation.agent authorization (e.g., after PR 1328 is merged).
  • If no update is available, restrict access to the Conversation Sharing API by requiring stricter authentication or IP whitelisting so that only trusted clients can reach the endpoint.
  • Track the project's issue tracker and pull request 1328 for a fix; consider applying a backport or manually patching the api_chat.py file to validate conversation.agent against the authenticated user.

Generated by OpenCVE AI on June 28, 2026 at 23:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 28 Jun 2026 22:15:00 +0000

Type Values Removed Values Added
Description A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impacts an unknown function of the file src/khoj/routers/api_chat.py of the component Conversation Sharing Handler. This manipulation of the argument conversation.agent causes incorrect authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
Title khoj-ai khoj Conversation Sharing api_chat.py authorization
First Time appeared Khoj-ai
Khoj-ai khoj
Weaknesses CWE-285
CWE-863
CPEs cpe:2.3:a:khoj-ai:khoj:*:*:*:*:*:*:*:*
Vendors & Products Khoj-ai
Khoj-ai khoj
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 5.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Khoj-ai Khoj
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-28T21:45:10.327Z

Reserved: 2026-06-28T06:21:13.647Z

Link: CVE-2026-13508

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-29T00:00:12Z

Weaknesses