CVE-2026-7847 | chatchat-space Langchain-Chatchat up to 0.3.1.3 Uploaded File openai_routes.py _get_file_id random values (Issue 5464)

A vulnerability identified as problematic has been detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently random values.

This vulnerability is known as CVE-2026-7847. Access to the local network is required for this attack. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More