CNNVD-202601-2985 Information
CNNVD ID
CNNVD-202601-2985
Related CVE
- CNNVD Published: 2026-01-19
Description (Chinese)
CrawlChat是CrawlChat开源的一款将网页爬虫与AI聊天机器人相结合的工具。 CrawlChat 0.0.8之前版本存在安全漏洞,该漏洞源于CrawlChat的Discord机器人缺少权限检查,可能导致非管理服务器用户将恶意内容放入知识库,从而操纵机器人输出内容或重定向用户。
Description (English)
CrawlChat is a tool that combines web reptiles with AI chat robots. There was a security loophole in the previous version of CrawlChat 0.0.8, which stemmed from the lack of access checks for the Discord robot in CrawlChat, which could result in non-managerial server users putting malicious content in the knowledge base, thus manipulating robot output or reorienting users.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
CrawlChat
Published
2026-01-19
Last Modified
2026-02-24
References
https://github.com/crawlchat/crawlchat/security/advisories/GHSA-f484-62p4-6w4p https://github.com/crawlchat/crawlchat/commit/f90ebb93c6a830f6cf609d683f6425af8434573a https://github.com/crawlchat/crawlchat/releases/tag/v0.0.8 https://access.redhat.com/security/cve/cve-2026-23875
Patch
https://github.com/crawlchat/crawlchat/releases
Share on: