Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

chatchat-space — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting chatchat-space. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Chatchat-space is an open-source chat platform designed for building conversational AI applications. Historically, it has been vulnerable to multiple security issues including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities. The platform's 7 recorded CVEs primarily stem from improper input validation and insufficient access controls. Notable security characteristics include its reliance on third-party libraries which introduce additional attack surfaces, though no major public security incidents have been documented. The project maintains active development with regular security patches, though users should implement additional hardening measures given its vulnerability history.

Top products by chatchat-space: Langchain-Chatchat
CVE IDTitleCVSSSeverityPublished
CVE-2026-7847 chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values — Langchain-ChatchatCWE-330 2.6 Low2026-05-05
CVE-2026-7846 chatchat-space Langchain-Chatchat OpenAI-Compatible File Upload API openai_routes.py files toctou — Langchain-ChatchatCWE-367 2.6 Low2026-05-05
CVE-2026-7845 chatchat-space Langchain-Chatchat Vision Chat Paste Image dialogue.py PIL.Image.tobytes weak hash — Langchain-ChatchatCWE-328 2.6 Low2026-05-05
CVE-2026-7844 chatchat-space Langchain-Chatchat Compatible File Service openai_routes.py delete_file missing authentication — Langchain-ChatchatCWE-306 6.3 Medium2026-05-05
CVE-2025-6855 chatchat-space Langchain-Chatchat file path traversal — Langchain-ChatchatCWE-22 5.5 Medium2025-06-29
CVE-2025-6854 chatchat-space Langchain-Chatchat files path traversal — Langchain-ChatchatCWE-22 4.3 Medium2025-06-29
CVE-2025-6853 chatchat-space Langchain-Chatchat Backend upload_temp_docs path traversal — Langchain-ChatchatCWE-22 6.3 Medium2025-06-29

This page lists every published CVE security advisory associated with chatchat-space. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.