CVE-2026-5320 | vanna-ai vanna up to 2.0.2 Chat API Endpoint /api/vanna/v2/ missing authentication

A vulnerability has been found in vanna-ai vanna up to 2.0.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication.

This vulnerability is identified as CVE-2026-5320. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More