CNNVD-202601-2470 Information

CNNVD ID

CNNVD-202601-2470

Related CVE

CVE-2025-68492

• CNNVD Published: 2026-01-14

Description (Chinese)

Chainlit是chainlit开源的一个大模型对话界面框架。 Chainlit 2.8.5之前版本存在安全漏洞，该漏洞源于存在通过用户控制密钥的授权绕过，可能导致攻击者登录后查看线程或获取线程所有权。

Description (English)

Chainlit is a framework for a large-scale model dialogue interface for the open source of chainlit. There was a security loophole in the previous version of Chainlit 2.8.5, which stemmed from the existence of an authorization to circumvent through a user-controlled key, which could result in the assailant entering the line or taking ownership of the route.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

chainlit

Published

2026-01-14

Last Modified

2026-02-24

References

https://github.com/Chainlit/chainlit/releases https://jvn.jp/en/jp/JVN34964581/ https://access.redhat.com/security/cve/cve-2025-68492

Patch

https://github.com/Chainlit/chainlit/releases