Loading market data...
← Back to CVE feed

CVE-2026-13508

MEDIUM CVSS 5.5 View on NVD ↗

Description

A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impacts an unknown function of the file src/khoj/routers/api_chat.py of the component Conversation Sharing Handler. This manipulation of the argument conversation.agent causes incorrect authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Published: Jun 28, 2026 22:16 UTC Modified: Jun 29, 2026 15:16 UTC