cbcvebase.

Quantumcloud Chatbot vulnerabilities

7 known vulnerabilities affecting quantumcloud/chatbot.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH3MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2026-32499P1CRITICALCVSS 9.3Exploited≥ n/a, ≤ <= 7.7.92026-03-25
CVE-2026-32499 [CRITICAL] CWE-89 CVE-2026-32499: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through <= 7.7.9.
nvd
CVE-2025-26932P3HIGHCVSS 7.5≤ 6.3.52025-02-25
CVE-2025-26932 [HIGH] CWE-98 CVE-2025-26932: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in QuantumCloud ChatBot chatbot allows PHP Local File Inclusion.This issue affects ChatBot: from n/a through <= 6.3.5.
nvd
CVE-2026-40788P3HIGHCVSS 7.1≥ n/a, ≤ 7.9.72026-06-15
CVE-2026-40788 [HIGH] CWE-862 CVE-2026-40788: Subscriber Broken Access Control in ChatBot <= 7.9.7 versions. Subscriber Broken Access Control in ChatBot <= 7.9.7 versions.
nvd
CVE-2023-24415P4HIGHCVSS 8.8fixed in 4.2.92023-02-23
CVE-2023-24415 [HIGH] CWE-352 CVE-2023-24415: Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI ChatBot plugin <= 4.2.8 versions. Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI ChatBot plugin <= 4.2.8 versions.
nvd
CVE-2025-64277P4MEDIUMCVSS 5.3≤ 7.3.92025-11-13
CVE-2025-64277 [MEDIUM] CWE-862 CVE-2025-64277: Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Co Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.3.9.
nvd
CVE-2025-62952P4MEDIUMCVSS 4.3≤ 7.7.32025-10-27
CVE-2025-62952 [MEDIUM] CWE-862 CVE-2025-62952: Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Co Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.7.3.
nvd
CVE-2025-53200P4MEDIUMCVSS 4.3≤ 6.7.32025-06-27
CVE-2025-53200 [MEDIUM] CWE-862 CVE-2025-53200: Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Co Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 6.7.3.
nvd
Quantumcloud Chatbot vulnerabilities | cvebase