Description
CrawlChat is an open-source, AI-powered platform that transforms technical documentation into intelligent chatbots. Prior to version 0.0.8, a missing permission check in CrawlChat's Discord bot allows guild users without manage rights to put malicious content into the collection's knowledge base. Usually, admins or mods of a Discord guild use the `jigsaw` emoji to save a specific message (chain) to the collection's knowledge base of CrawlChat. Unfortunately, no permission check (for e.g. MANAGE_SERVER, MANAGE_MESSAGES, etc.) was done, allowing normal users of the guild to add information to the knowledge base. By targeting specific topics that are commonly asked about, users can manipulate the content given out by the bot (on all integrations), e.g. to redirect users to a malicious site or send information to a malicious user. Version 0.0.8 patches the issue.
Published: 2026-01-19
Score: 5.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Knowledge Injection
Action: Immediate Update
AI Analysis

Impact

CrawlChat's Discord bot lacked a permission check, so any guild member who could react with the jigsaw emoji was able to add messages to the bot's knowledge base. This missing authorization step made it possible to inject malicious content into the repository that the bot subsequently uses when answering queries, which could redirect users to malicious sites or supply false information. The weakness is classified as missing authorization (CWE‑862).

Affected Systems

The vulnerability exists in the CrawlChat bot before version 0.0.8. All installations using the open‑source platform older than v0.0.8 are affected, while the released v0.0.8 and newer fixes the issue.

Risk and Exploitability

With a CVSS score of 5.7 the vulnerability is considered moderate. The EPSS score of less than one percent indicates a low probability of exploitation at the time of reporting, and it is not listed in CISA's KEV catalog. The likely attack path involves a guild member selecting the jigsaw emoji without proper privilege checks, thereby injecting arbitrary content into the knowledge base. Once in place, the attacker can manipulate bot responses across all integrations.

Generated by OpenCVE AI on April 18, 2026 at 04:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the CrawlChat package version 0.0.8 or later, which includes the missing permission check for the Discord bot.
  • Restrict use of the jigsaw emoji or disable the ‘save’ trigger for non‑admin roles to prevent accidental or malicious additions to the knowledge base.
  • Continuously monitor the bot’s knowledge base for unexpected content or changes, and audit guild permissions to ensure only trusted roles can add or modify knowledge entries.



Advisories

No advisories yet.

History

Thu, 05 Feb 2026 20:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:crawlchat:crawlchat:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N'}


Tue, 20 Jan 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 20 Jan 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Crawlchat
Crawlchat crawlchat
Vendors & Products Crawlchat
Crawlchat crawlchat

Mon, 19 Jan 2026 21:00:00 +0000

Type Values Removed Values Added
Description CrawlChat is an open-source, AI-powered platform that transforms technical documentation into intelligent chatbots. Prior to version 0.0.8, a non-existing permission check for the CrawlChat's Discord bot allows non-manage guild users to put malicious content onto the collection knowledge base. Usually, admin / mods of a Discord guild use the `jigsaw` emoji to save a specific message (chain) onto the collection's knowledge base of CrawlChat. Unfortunately an permission check (for e.g. MANAGE_SERVER; MANAGE_MESSAGES etc.) was not done, allowing normal users of the guild to information to the knowledge base. With targeting specific parts that are commonly asked, users can manipulate the content given out by the bot (on all integrations), to e.g. redirect users to a malicious site, or send information to a malicious user. Version 0.0.8 patches the issue.
Title CrawlChat's Discord Bot has a Knowledge Permission vulnerability
Weaknesses CWE-862
References
Metrics cvssV4_0

{'score': 5.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-20T15:33:08.209Z

Reserved: 2026-01-16T21:02:02.900Z

Link: CVE-2026-23875

Vulnrichment

Updated: 2026-01-20T15:33:01.213Z

NVD

Status: Analyzed

Published: 2026-01-19T21:15:51.890

Modified: 2026-02-05T19:50:58.780

Link: CVE-2026-23875

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T05:00:06Z

Weaknesses