CRITICAL🇵🇱 Wersja polska

CVE-2026-22688

CVSS 9.9v3.1pub. 2026-01-10upd. 2026-01-22

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, there is a command injection vulnerability that allows authenticated users to inject stdio_config.command/args into MCP stdio settings, causing the server to execute subprocesses using these injected values. This issue has been patched in version 0.2.5.

🤖 AI Analysis
How it works

The vulnerability results from insufficient validation of the stdio_config.command and stdio_config.args fields in the MCP stdio settings. An authenticated user can inject arbitrary values into these fields, which are then passed directly to the subprocess execution mechanism on the server. As a result, the server executes processes defined by the attacker instead of restricting itself to intended operations.

Impact

An attacker with access to an authenticated account can trigger arbitrary system command execution on the server, potentially gaining full control of the system, compromising data confidentiality and integrity, and affecting service availability.

Mitigation & patch

WeKnora should be updated to version 0.2.5, where the vulnerability has been fixed. Patch details are available in the GitHub repository at the address indicated in the references (commit f7900a5e9a18c99d25cec9589ead9e4e59ce04bb).

Who is affected

Tencent WeKnora in all versions before 0.2.5

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Tencent Weknora

    APP
    Tencent
    < 0.2.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-30861CRITICAL9.9PL ✓ten sam produkt

RCE w WeKnora — command injection w walidacji konfiguracji MCP stdio

CVE-2026-30860CRITICAL9.9PL ✓ten sam produkt

RCE przez SQL Injection w Tencent WeKnora (bypass walidacji wyrażeń PostgreSQL)

CVE-2026-30855HIGH8.8ten sam produkt

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to ...

CVE-2026-30247MEDIUM5.9ten sam produkt

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to ...

CVE-2026-30856MEDIUM5.9ten sam produkt

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to ...