← volver
CVE-2026-11479

yoanbernabeu grepai Qdrant Backend chunker.go weak hash

CVSS 2.3 LOWEPSS 0.2%CWE-327CWE-328
A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown processing of the file indexer/chunker.go of the component Qdrant Backend. Such manipulation leads to use of weak hash. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The pull request to fix this issue awaits acceptance.
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Productos afectados
yoanbernabeu · grepai
PoCs públicas encontradas1
cve_referencegithub.com/yoanbernabeu/grepai/issues/247no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/yoanbernabeu/grepai/https://github.com/yoanbernabeu/grepai/issues/247https://github.com/yoanbernabeu/grepai/pull/248https://vuldb.com/cve/CVE-2026-11479https://vuldb.com/submit/833971https://vuldb.com/vuln/369099https://vuldb.com/vuln/369099/cti