PT-2026-55707 · Forceinjection · Ai-Fundermentals

Dem00000

·

Published

2026-07-04

·

Updated

2026-07-04

·

CVE-2026-14630

CVSS v3.1

3.1

Low

VectorAV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions ForceInjection AI-fundermentals versions 2.0 through 3.0
Description The Memory Recall Handler component contains an issue where the get conversation history() function in the 08 agentic system/memory/langchain/code/smart customer service.py file uses a weak hash. This allows for remote exploitation, although the attack requires a high degree of complexity and is considered difficult to execute.
Recommendations Install the patch f57277fdd9ba373ace72d83c272023ec67f720d6 for versions 2.0 through 3.0. As a temporary mitigation, restrict access to the get conversation history() function.

Exploit

Fix

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-14630

Affected Products

Ai-Fundermentals