CVE-2026-30855
Published: 2026-03-07
Priority: P3 (58) | Severity: high, 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.33% (24.6th percentile)
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in the tenant management endpoints of the WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This enables cross-tenant account takeover and destruction, making the impact critical. This issue has been patched in version 0.3.2.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | tencent_weknora | >= 0 < 0.3.2 | 0.3.2 |
| github.com | tencent_weknora | >= 0 < 0.3.1 | 0.3.1 |
| tencent | weknora | < 0.3.2 | 0.3.2 |
OSV
WeKnora Vulnerable to Broken Access Control in Tenant Management in github.com/Tencent/WeKnora
osv·2026-03-10
CVE-2026-30855 WeKnora Vulnerable to Broken Access Control in Tenant Management in github.com/Tencent/WeKnora
GHSA
WeKnora Vulnerable to Broken Access Control in Tenant Management
ghsa·2026-03-06
CVE-2026-30855 [CRITICAL] CWE-284 WeKnora Vulnerable to Broken Access Control in Tenant Management
### Summary
An authorization bypass in the tenant management endpoints of the WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This enables cross-tenant account takeover and destruction, making the impact critical.
### Details
The tenant management handlers do not validate that the caller owns the tenant or has cross-tenant privileges. The handlers parse the tenant ID from the path and directly call the service layer with that ID, returning or mutating the tenant without authorization checks.
Affected handlers:
- `GET /api/
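
The missing check described under Details, as an added Go example (not WeKnora's code and not part of the advisory): the same handler run once with no authorization and once with an owner-or-privileged check. The `caller` type, the context key, the route `/example/tenants/<id>` and the tenant data are assumptions made up for illustration.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strconv"
	"strings"
)

// Every name here is hypothetical; the route is a stand-in, not WeKnora's.
type caller struct {
	TenantID    uint64 // tenant the authenticated user belongs to
	CrossTenant bool   // explicit privilege to act on other tenants
}
type ctxKey struct{} // context key where auth middleware is assumed to put the caller
var tenants = map[uint64]string{1: "tenant-one", 2: "tenant-two"} // constructed data

// noCheck mirrors the flaw: being authenticated is enough.
func noCheck(caller, uint64) bool { return true }

// ownerOrPrivileged is the missing check: own tenant, or explicit cross-tenant right.
func ownerOrPrivileged(c caller, id uint64) bool { return c.TenantID == id || c.CrossTenant }

// tenantGet reads the tenant named in the path once authorize approves the caller.
func tenantGet(authorize func(caller, uint64) bool) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		id, err := strconv.ParseUint(strings.TrimPrefix(r.URL.Path, "/example/tenants/"), 10, 64)
		if err != nil {
			http.Error(w, "bad id", http.StatusBadRequest)
			return
		}
		c, ok := r.Context().Value(ctxKey{}).(caller)
		if !ok || !authorize(c, id) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		fmt.Fprint(w, tenants[id])
	}
}

// status sends GET for tenant id as caller c and returns the HTTP status code.
func status(authorize func(caller, uint64) bool, c caller, id uint64) int {
	r := httptest.NewRequest("GET", fmt.Sprintf("/example/tenants/%d", id), nil)
	rec := httptest.NewRecorder()
	tenantGet(authorize)(rec, r.WithContext(context.WithValue(r.Context(), ctxKey{}, c)))
	return rec.Code
}
func main() { fmt.Println(status(noCheck, caller{TenantID: 1}, 2), status(ownerOrPrivileged, caller{TenantID: 1}, 2)) }
```

The same comparison belongs in every handler that takes a tenant ID from the path, including the modify and delete paths.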
OSV
WeKnora Vulnerable to Broken Access Control in Tenant Management
osv·2026-03-06
CVE-2026-30855 [CRITICAL] WeKnora Vulnerable to Broken Access Control in Tenant Management
No detection rules found.
No public exploits indexed.
Published: 2026-03-07