Description
LobeHub is an open source human-and-AI-agent network. Prior to version 1.143.3, the file upload feature in `Knowledge Base > File Upload` does not validate the integrity of the upload request, allowing users to intercept and modify the request parameters. As a result, it is possible to create arbitrary files in abnormal or unintended paths. In addition, since `lobechat.com` relies on the size parameter from the request to calculate file usage, an attacker can manipulate this value to misrepresent the actual file size, such as uploading a `1 GB` file while reporting it as `10 MB`, or falsely declaring a `10 MB` file as a `1 GB` file. By manipulating the size value provided in the client upload request, it is possible to bypass the monthly upload quota enforced by the server and continuously upload files beyond the intended storage and traffic limits. This abuse can result in a discrepancy between actual resource consumption and billing calculations, causing direct financial impact to the service operator. Additionally, exhaustion of storage or related resources may lead to degraded service availability, including failed uploads, delayed content delivery, or temporary suspension of upload functionality for legitimate users. A single malicious user can also negatively affect other users or projects sharing the same subscription plan, effectively causing an indirect denial of service (DoS). Furthermore, excessive and unaccounted-for uploads can distort monitoring metrics and overload downstream systems such as backup processes, malware scanning, and media processing pipelines, ultimately undermining overall operational stability and service reliability. Version 1.143.3 contains a patch for the issue.
Published: 2026-01-30
Score: 5.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized file creation and quota bypass leading to financial loss or service availability impact
Action: Patch
AI Analysis

Impact

An authenticated user can tamper with the parameters of their own file-upload request and cause files to be created under unintended storage paths (CWE-73, external control of file name or path). Because the server charges quota from the size the client declares rather than from the size actually stored, the attacker can under-report a large upload to slip past the monthly quota, or over-report a small one to burn through a shared plan's allowance. Actual resource consumption then diverges from what is billed, storage can be exhausted, and other users or projects on the same subscription plan suffer an indirect denial of service.

Affected Systems

LobeHub Lobe Chat (lobehub:lobe-chat) in any version earlier than 1.143.3 is affected. The vulnerable code is the presigned upload flow behind the Knowledge Base > File Upload feature.

Risk and Exploitability

The CVSS 4.0 base score of 5.7 (AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H, with E:P) indicates medium severity, with high integrity and availability impact confined to the vulnerable system. The EPSS score is below 1%, suggesting a low probability of exploitation in the wild, and the issue is not listed in the CISA KEV catalog, although the SSVC record notes a public proof of concept (Exploitation: poc). Exploitation needs only a low-privileged account with access to the upload feature: the attacker modifies their own client's presigned-upload request, for example with an intercepting proxy; no interception of other users' traffic is required. Successful exploitation enables file creation under unintended paths, quota circumvention, and potential service disruption.

Generated by OpenCVE AI on April 18, 2026 at 14:28 UTC.

Remediation

Vendor fix available: version 1.143.3 contains the patch (see GHSA-wrrr-8jcv-wjf5). No vendor-provided workaround is listed.

OpenCVE Recommended Actions

  • Upgrade to LobeHub version 1.143.3 or later, which contains the patch for the improper authorization in the presigned upload flow (GHSA-wrrr-8jcv-wjf5).
  • Disable or restrict access to the Knowledge Base file upload endpoint until the patch is applied, to prevent file creation under unintended paths.
  • Enforce server‑side validation of the upload path and size: generate the object key on the server under a prefix bound to the requesting user instead of accepting a client-supplied path, cap the accepted body size in the presigned upload itself, and charge quota from the size the storage backend actually reports for the stored object rather than from the size the client declares.

Generated by OpenCVE AI on April 18, 2026 at 14:28 UTC.
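The server-side checks in the last recommendation, as an added illustration that is not LobeHub's code and does not reflect how the 1.143.3 patch is implemented. The in-memory quota ledger, object store and ticket map, and the names `presignUnsafe`, `presignSafe`, `safeObjectKey`, `uploadToStore`, `finalizeUpload`, `usedBytes` and `resetDemo`, are all constructed for this example. It contrasts the vulnerable shape (client-chosen storage key, quota charged from a client-declared size) with a hardened flow in which the key is derived on the server under a per-user prefix, the declared size only decides whether an upload ticket is issued, and quota is charged only after the stored object's real size is read back.

```typescript
import { randomUUID } from "node:crypto";

// Constructed stand-ins (not LobeHub's code): an in-memory quota ledger,
// an object store that reports actual stored sizes, and issued upload tickets.
interface Quota { limitBytes: number; usedBytes: number }
interface UploadTicket { key: string; maxBytes: number; userId: string }

const quotas = new Map<string, Quota>();
const objectStore = new Map<string, number>(); // object key -> bytes actually stored
const tickets = new Map<string, UploadTicket>();
const MAX_SINGLE_UPLOAD = 1024 * 1024 * 1024; // 1 GiB per-file cap, an assumed policy value

export function resetDemo(limitBytes: number): void {
  quotas.clear(); objectStore.clear(); tickets.clear();
  quotas.set("alice", { limitBytes, usedBytes: 0 });
}

export function usedBytes(userId: string): number {
  return quotas.get(userId)?.usedBytes ?? 0;
}

// VULNERABLE pattern (illustrative): the client picks the storage key and declares
// the size, and the server charges quota from that declared number.
export function presignUnsafe(userId: string, clientKey: string, declaredSize: number): string {
  const q = quotas.get(userId);
  if (!q) throw new Error("unknown user");
  if (q.usedBytes + declaredSize > q.limitBytes) throw new Error("quota exceeded");
  q.usedBytes += declaredSize; // a 1 GiB upload declared as 10 MB is billed as 10 MB
  return clientKey;            // CWE-73: "../../other/evil" lands wherever the client says
}

// HARDENED: key derived server-side, size capped in the ticket, quota charged
// from what the store actually holds.
export function safeObjectKey(userId: string, filename: string): string {
  const base = filename.split(/[\\/]/).pop() ?? "";          // last path segment only
  const cleaned = base.replace(/[^\w.\-]/g, "_").slice(0, 128);
  if (cleaned === "" || cleaned === "." || cleaned === "..") throw new Error("invalid filename");
  return `users/${userId}/${randomUUID()}-${cleaned}`;        // prefix bound to the caller
}

export function presignSafe(userId: string, filename: string, declaredSize: number): UploadTicket {
  const q = quotas.get(userId);
  if (!q) throw new Error("unknown user");
  if (!Number.isInteger(declaredSize) || declaredSize <= 0 || declaredSize > MAX_SINGLE_UPLOAD) {
    throw new Error("bad declared size");
  }
  // The declared size only decides whether a ticket may be issued; nothing is charged yet.
  if (q.usedBytes + declaredSize > q.limitBytes) throw new Error("quota exceeded");
  const ticket: UploadTicket = { key: safeObjectKey(userId, filename), maxBytes: declaredSize, userId };
  tickets.set(ticket.key, ticket);
  // With a real store, maxBytes should also become a content-length-range condition
  // on the presigned POST so the backend itself rejects oversized bodies.
  return ticket;
}

// Simulated client upload: the store records whatever was really sent.
export function uploadToStore(key: string, bytes: number): void {
  objectStore.set(key, bytes);
}

// Reconciliation step: read the actual object size (a HEAD request against a real
// store) and charge quota from it; discard objects that exceed the ticket or the quota.
export function finalizeUpload(key: string): number {
  const ticket = tickets.get(key);
  if (!ticket) throw new Error("no ticket for key");
  const actual = objectStore.get(key);
  if (actual === undefined) throw new Error("object not found");
  const q = quotas.get(ticket.userId)!;
  if (actual > ticket.maxBytes || q.usedBytes + actual > q.limitBytes) {
    objectStore.delete(key);
    tickets.delete(key);
    throw new Error("actual size exceeds ticket or quota");
  }
  q.usedBytes += actual;
  tickets.delete(key);
  return q.usedBytes;
}
```

Two details matter beyond what the in-memory version shows. The size cap in the ticket must be enforced by the storage backend as well (for example through the `content-length-range` condition of an S3 POST policy), so an oversized body is rejected before it consumes storage; and tickets that are never finalized should be swept and their objects deleted, otherwise an attacker can upload without ever triggering the reconciliation step.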


Advisories
Source        ID                    Title
GitHub GHSA   GHSA-wrrr-8jcv-wjf5   LobeHub Vulnerable to Improper Authorization in Presigned Upload
History

Tue, 03 Feb 2026 15:00:00 +0000

Type                  Values Removed   Values Added
First Time appeared   -                Lobehub; Lobehub lobe Chat
Vendors & Products    -                Lobehub; Lobehub lobe Chat

Fri, 30 Jan 2026 21:15:00 +0000

Type      Values Removed   Values Added
Metrics   -                ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 30 Jan 2026 20:15:00 +0000

Type          Values Removed   Values Added
Description   -                LobeHub is an open source human-and-AI-agent network. Prior to version 1.143.3, the file upload feature in `Knowledge Base > File Upload` does not validate the integrity of the upload request, allowing users to intercept and modify the request parameters. As a result, it is possible to create arbitrary files in abnormal or unintended paths. In addition, since `lobechat.com` relies on the size parameter from the request to calculate file usage, an attacker can manipulate this value to misrepresent the actual file size, such as uploading a `1 GB` file while reporting it as `10 MB`, or falsely declaring a `10 MB` file as a `1 GB` file. By manipulating the size value provided in the client upload request, it is possible to bypass the monthly upload quota enforced by the server and continuously upload files beyond the intended storage and traffic limits. This abuse can result in a discrepancy between actual resource consumption and billing calculations, causing direct financial impact to the service operator. Additionally, exhaustion of storage or related resources may lead to degraded service availability, including failed uploads, delayed content delivery, or temporary suspension of upload functionality for legitimate users. A single malicious user can also negatively affect other users or projects sharing the same subscription plan, effectively causing an indirect denial of service (DoS). Furthermore, excessive and unaccounted-for uploads can distort monitoring metrics and overload downstream systems such as backup processes, malware scanning, and media processing pipelines, ultimately undermining overall operational stability and service reliability. Version 1.143.3 contains a patch for the issue.
Title         -                LobeHub Vulnerable to Improper Authorization in Presigned Upload
Weaknesses    -                CWE-73
References    -
Metrics       -                cvssV4_0: {'score': 5.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-30T20:21:57.205Z

Reserved: 2026-01-16T15:46:40.841Z

Link: CVE-2026-23835

Vulnrichment

Updated: 2026-01-30T20:21:32.624Z

NVD

Status : Deferred

Published: 2026-01-30T20:16:41.893

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-23835

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T14:30:02Z

Weaknesses