← voltar
CVE-2026-11479

yoanbernabeu grepai Qdrant Backend chunker.go weak hash

CVSS 2.3 LOWEPSS 0.2%CWE-327CWE-328
A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown processing of the file indexer/chunker.go of the component Qdrant Backend. Such manipulation leads to use of weak hash. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The pull request to fix this issue awaits acceptance.
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Produtos afetados
yoanbernabeu · grepai
PoCs públicas encontradas1
cve_referencegithub.com/yoanbernabeu/grepai/issues/247não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/yoanbernabeu/grepai/https://github.com/yoanbernabeu/grepai/issues/247https://github.com/yoanbernabeu/grepai/pull/248https://vuldb.com/cve/CVE-2026-11479https://vuldb.com/submit/833971https://vuldb.com/vuln/369099https://vuldb.com/vuln/369099/cti