Description
A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument file.filename leads to time-of-check time-of-use. Access to the local network is required for this attack to succeed. The attack requires a high level of complexity. The exploitability is considered difficult. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-05-05
Score: 2.1 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the OpenAI-compatible file upload endpoint of Langchain-Chatchat (the files function in openai_routes.py). An attacker who can reach the service on the local network and holds low privileges (PR:L in the CVSS vectors) supplies a crafted file.filename that drives a time-of-check to time-of-use race condition (CWE-362, CWE-367): the path derived from the name is checked in one step and used in a later one, so the target can be changed in between. Winning the race lets the attacker overwrite or replace a file that the server writes on the host, which is why the vectors record a low integrity impact (VI:L) and no confidentiality or availability impact. Because the attack needs network adjacency, low privileges and a hard-to-win timing window, the overall impact is rated low.

Affected Systems

The affected product is chatchat-space Langchain-Chatchat up to and including version 0.3.1.3. Deployments that expose the OpenAI-compatible file upload API are affected; no fixed version is listed.

Risk and Exploitability

The CVSS v4.0 score of 2.1 (v3.x: 2.6) reflects low severity. EPSS is not available and the vulnerability is not listed in the CISA KEV catalog, so there is little threat intelligence beyond the public proof of concept (E:P; SSVC Exploitation: poc). The attack vector is adjacent (AV:A), so the attacker must already be on the local network, and low privileges are required (PR:L); attack complexity is high (AC:H) because a race window has to be won. SSVC rates the issue as not automatable with partial technical impact. The likelihood of exploitation is therefore low, and the recorded damage of a successful attack is limited to a partial loss of integrity (VI:L), not data destruction or disclosure.

Generated by OpenCVE AI on May 5, 2026 at 17:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Restrict the OpenAI-compatible file upload API to trusted internal addresses, or disable the endpoint if it is not required.
  • Never use the client-supplied filename as a path: validate it (reject path separators, ".." and empty names), store the content under a server-generated name, and create the file atomically (O_CREAT|O_EXCL, without following symlinks) instead of checking for existence and then opening the path; sanitization alone does not close the check-then-use window.
  • Monitor the upload directory and server logs for unexpected file creations or alterations and investigate promptly.
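The check-then-write pattern the analysis describes, placed beside an atomic alternative, as an added example. This is not code from the Langchain-Chatchat project or from the advisory: save_upload_unsafe is a generic illustration of CWE-367 in an upload handler, not a reproduction of the files function in openai_routes.py, and the hostile filename, the planted symlink and the directory names in demo() are constructed for the example. The dangling-symlink case shows why os.path.exists is not a security check: it reports False for a broken link, so the "check" passes without the attacker having to win any timing window at all.

```python
"""Check-then-write vs. atomic create in an upload handler (illustrative;
not the Langchain-Chatchat code). All names and inputs are constructed."""
import os
import tempfile
import uuid


def save_upload_unsafe(upload_dir: str, filename: str, data: bytes) -> str:
    """Vulnerable pattern (hypothetical): the client-controlled filename is
    joined into a path, existence is checked, then the path is opened. The
    check and the open are separate syscalls, so another local process can
    create, replace or symlink the target in between; open() then follows
    the symlink and truncates whatever it points at."""
    path = os.path.join(upload_dir, filename)      # "../x" escapes upload_dir
    if os.path.exists(path):                       # time of check
        raise FileExistsError(path)
    with open(path, "wb") as fh:                   # time of use
        fh.write(data)
    return path


def safe_basename(filename: str) -> str:
    """Accept only a plain file name; anything path-like is rejected."""
    if not filename or filename in (".", ".."):
        raise ValueError("empty or dot-only filename")
    if any(ch in filename for ch in ("/", "\\", "\0")):
        raise ValueError("path separator or NUL in filename")
    return filename


def write_new_file(path: str, data: bytes) -> None:
    """Atomic create: O_CREAT|O_EXCL makes the kernel fail with EEXIST if
    anything, including a dangling symlink, already occupies the path, so
    there is no check-then-use window. O_NOFOLLOW is added where available."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:                # fdopen takes ownership of fd
        fh.write(data)


def save_upload_safe(upload_dir: str, filename: str, data: bytes) -> str:
    """Hardened handler: validate the name but never use it as the path,
    store under a server-generated name, confirm the resolved path stays
    inside upload_dir, and create the file atomically."""
    original = safe_basename(filename)
    stored = f"{uuid.uuid4().hex}_{original}"
    path = os.path.join(upload_dir, stored)
    root = os.path.realpath(upload_dir)
    if os.path.commonpath([root, os.path.realpath(path)]) != root:
        raise ValueError("resolved path escapes the upload directory")
    write_new_file(path, data)
    return path


def demo() -> dict:
    """Exercise both handlers in a throwaway directory with a traversal name
    and a planted dangling symlink (both constructed for this example)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        upload_dir = os.path.join(tmp, "uploads")
        os.mkdir(upload_dir)
        victim = os.path.join(tmp, "victim.txt")   # lives outside upload_dir

        # 1. Traversal through the client-supplied name.
        save_upload_unsafe(upload_dir, "../victim.txt", b"owned")
        results["unsafe_traversal_escapes"] = os.path.exists(victim)
        os.remove(victim)
        try:
            save_upload_safe(upload_dir, "../victim.txt", b"owned")
            results["safe_rejects_traversal"] = False
        except ValueError:
            results["safe_rejects_traversal"] = True

        # 2. Dangling symlink planted under the expected name: exists() is
        #    False for a broken link, so the check passes and open() follows
        #    the link and creates the victim file.
        link = os.path.join(upload_dir, "report.pdf")
        os.symlink(victim, link)
        save_upload_unsafe(upload_dir, "report.pdf", b"owned")
        results["unsafe_follows_symlink"] = os.path.exists(victim)
        os.remove(victim)                          # link is dangling again
        try:
            write_new_file(link, b"owned")
            results["atomic_refuses_symlink"] = False
        except FileExistsError:
            results["atomic_refuses_symlink"] = not os.path.exists(victim)

        # 3. A benign upload lands inside upload_dir under a server-chosen name.
        stored = save_upload_safe(upload_dir, "report.pdf", b"data")
        results["safe_stored_inside"] = (
            os.path.dirname(stored) == upload_dir
            and os.path.basename(stored).endswith("_report.pdf")
        )
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The server-generated name removes the attacker's control over the target path entirely; the O_EXCL create is the part that removes the race, and the realpath containment check is defence in depth in case the naming rule is ever relaxed.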

Generated by OpenCVE AI on May 5, 2026 at 17:35 UTC.

Advisories

No advisories yet.

History

Tue, 05 May 2026 19:00:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Chatchat-space
                                      Chatchat-space langchain-chatchat
Vendors & Products                    Chatchat-space
                                      Chatchat-space langchain-chatchat

Tue, 05 May 2026 17:30:00 +0000

Type       Values Removed   Values Added
Metrics                     ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 05 May 2026 16:15:00 +0000

Type          Values Removed   Values Added
Description                    A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument file.filename leads to time-of-check time-of-use. Access to the local network is required for this attack to succeed. The attack requires a high level of complexity. The exploitability is considered difficult. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Title                          chatchat-space Langchain-Chatchat OpenAI-Compatible File Upload API openai_routes.py files toctou
Weaknesses                     CWE-362
                               CWE-367
References
Metrics                        cvssV2_0 {'score': 1.4, 'vector': 'AV:A/AC:H/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}
                               cvssV3_0 {'score': 2.6, 'vector': 'CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}
                               cvssV3_1 {'score': 2.6, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}
                               cvssV4_0 {'score': 2.1, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-05T16:11:21.230Z

Reserved: 2026-05-05T10:20:56.988Z

Link: CVE-2026-7846

Vulnrichment

Updated: 2026-05-05T16:11:16.224Z

NVD

Status: Deferred

Published: 2026-05-05T16:16:19.577

Modified: 2026-05-05T19:06:58.737

Link: CVE-2026-7846

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-05T18:45:15Z

Weaknesses