PT-2026-31350 · Lobehub · Lobehub

Published 2026-04-08 · Updated 2026-04-08 · CVE-2026-39411

CVSS v3.1: 7.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Name of the Vulnerable Software and Affected Versions: LobeHub versions prior to 2.1.48
Description: The webapi authentication layer trusts a client-controlled X-lobe-chat-auth header that is only XOR-obfuscated, not signed or otherwise authenticated. The XOR key is hardcoded in the repository, so anyone can forge the header's payload and bypass authentication on protected webapi routes. Affected endpoints include /webapi/chat/[provider], /webapi/models/[provider], /webapi/models/[provider]/pull and /webapi/create-image/comfyui. The backend decodes the header with the hardcoded key 'LobeHub · LobeHub' and accepts any truthy apiKey field in the decoded JSON as proof of authentication. An attacker without a valid session can therefore reach these routes, consuming the deployment's server-side model-provider credentials or impersonating other users, and gains access to privileged backend model operations: chat, model listing, model pulls and ComfyUI image generation.
Recommendations: Update to version 2.1.48 or later. Stop treating the X-lobe-chat-auth header as an authentication token, remove the truthiness check on the apiKey field as an authentication decision, and require a server-validated session, OIDC token, or validated API key on every protected webapi route.

Weakness Enumeration

Insufficient Verification of Data Authenticity

Improper Authentication

Authentication Bypass by Spoofing

Related Identifiers

CVE-2026-39411
GHSA-5MWJ-V5JW-5C97

Affected Products

Lobehub