PT-2026-55298 · Lobe Chat · Lobe Chat

George Chen · Published 2026-07-02 · Updated 2026-07-02 · CVE-2026-59098

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: LobeChat versions prior to 2.3.0

Description: Broken access control exists in the retrieval-augmented-generation (RAG) semantic search functionality. Authenticated attackers can access data belonging to other users because the semanticSearch method of the chunk model lacks a user-identifier predicate: results are scoped only by the caller-supplied file or knowledge-base identifiers, not by the requesting user. By supplying arbitrary victim file or knowledge-base identifiers through the chunk retrieval and chat knowledge-base paths, an attacker can retrieve metadata, file names, and text content belonging to other users.

Recommendations: Update LobeChat to version 2.3.0 or later.
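The following is an added illustration of the defect class the advisory describes, not LobeChat's own code: a minimal in-memory chunk store with a search function that filters only by file identifier, next to the same function with the requesting user's id added as a mandatory predicate. The type and function names (Chunk, semanticSearchVulnerable, semanticSearchFixed, leakDemo), the toy term-overlap similarity score, and the sample rows are all assumptions constructed for the example; the ORM-style predicate mentioned in the comments is the assumed shape of the fix, not the project's actual query.

```typescript
// Added example (not LobeChat's code). Demonstrates a tenant-scoping bug in a
// RAG chunk search: the vulnerable variant trusts caller-supplied fileIds alone;
// the fixed variant ANDs the requesting user's id into every query.

interface Chunk {
  id: string;
  fileId: string;
  userId: string; // owner of the file this chunk was extracted from
  fileName: string;
  text: string;
}

interface SearchHit {
  chunkId: string;
  fileName: string;
  text: string;
  score: number;
}

// Constructed sample data: one file per user (hypothetical values).
const CHUNKS: Chunk[] = [
  { id: "c1", fileId: "file-alice", userId: "alice", fileName: "payroll.pdf", text: "salary bands 2026" },
  { id: "c2", fileId: "file-bob", userId: "bob", fileName: "notes.md", text: "bob's personal notes" },
];

// Toy relevance score: number of query terms present in the chunk text.
// A real system compares embeddings; the access-control logic is unchanged.
function similarity(query: string, text: string): number {
  const terms = query.toLowerCase().split(/\s+/).filter(Boolean);
  const hay = text.toLowerCase();
  return terms.filter((t) => hay.includes(t)).length;
}

function toHit(c: Chunk, query: string): SearchHit {
  return { chunkId: c.id, fileName: c.fileName, text: c.text, score: similarity(query, c.text) };
}

// Vulnerable shape: rows are selected purely by the fileIds the caller passed in.
// Any authenticated user who supplies another user's fileId gets that file's
// chunks, file name and text back (the IDOR the advisory describes).
function semanticSearchVulnerable(fileIds: string[], query: string): SearchHit[] {
  return CHUNKS
    .filter((c) => fileIds.includes(c.fileId))
    .map((c) => toHit(c, query))
    .filter((h) => h.score > 0);
}

// Fixed shape: the authenticated user's id is a mandatory predicate combined with
// the file filter, so rows owned by anyone else never enter the result set.
// In an ORM this corresponds to something like
//   where(and(eq(chunks.userId, userId), inArray(chunks.fileId, fileIds)))
// (assumed form for illustration, not the project's actual query).
function semanticSearchFixed(userId: string, fileIds: string[], query: string): SearchHit[] {
  return CHUNKS
    .filter((c) => c.userId === userId && fileIds.includes(c.fileId))
    .map((c) => toHit(c, query))
    .filter((h) => h.score > 0);
}

// Demonstration: user "bob" submits alice's file id. The vulnerable search
// returns alice's chunk; the fixed search returns nothing for bob.
function leakDemo(): { vulnerableLeaks: number; fixedLeaks: number } {
  const victimFileId = "file-alice";
  const vulnerable = semanticSearchVulnerable([victimFileId], "salary");
  const fixed = semanticSearchFixed("bob", [victimFileId], "salary");
  return { vulnerableLeaks: vulnerable.length, fixedLeaks: fixed.length };
}

console.log(leakDemo()); // { vulnerableLeaks: 1, fixedLeaks: 0 }
```

The defensive point is that the ownership check belongs inside the data-access method itself, as a predicate that every caller path (chunk retrieval, chat knowledge-base lookup) inherits, rather than as a separate check each route is expected to remember. A regression test like the one in leakDemo, where one user queries with another user's identifiers and must get an empty result, is the cheapest way to keep the predicate from being dropped again.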

Exploit · Fix · IDOR


Weakness Enumeration

Related Identifiers: CVE-2026-59098

Affected Products: Lobe Chat