PT-2026-5703 · Khoj

Published 2026-02-02 · Updated 2026-02-27 · CVE-2025-69207

CVSS v3.1: 7.1 High
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Khoj versions prior to 2.0.0-beta.23

Description: Khoj is a self-hostable artificial intelligence application. A flaw in the Notion OAuth callback functionality allows an attacker to take control of any user's Notion integration by manipulating the state parameter. The callback endpoint does not verify that the OAuth flow was started by the user associated with the user UUID supplied in that parameter, so an attacker can replace a victim's Notion settings with their own. This can lead to data poisoning and unauthorized access to the victim's Khoj search index. The user UUID required for this attack can be obtained from shared conversations containing AI-generated images. The vulnerable code is located in src/khoj/routers/notion.py at the /auth/callback API endpoint. The vulnerable parameter is state. The aget_user_by_uuid() function is used without proper verification that the caller is that user.

Recommendations: Versions prior to 2.0.0-beta.23 should be updated to version 2.0.0-beta.23 or later.
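The missing control in the description is the binding between the OAuth state and the session that started the flow. The following stdlib-only Python is an added illustration, not Khoj's code: it contrasts the vulnerable pattern (trusting a user id carried inside state) with a hardened handler that only accepts a state it issued to the currently logged-in user. Store, start_notion_oauth, vulnerable_callback and hardened_callback are hypothetical names.

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class Store:
    """Constructed in-memory stand-ins for the session store and per-user settings."""
    pending_states: dict = field(default_factory=dict)   # state token -> user id that started the flow
    notion_settings: dict = field(default_factory=dict)  # user id -> Notion token


def vulnerable_callback(store: Store, state: str, notion_token: str) -> str:
    """Vulnerable pattern: the state parameter carries a user id and is trusted as-is.

    Anyone who knows a user's id can bind their own Notion token to that user,
    which is the class of bug the advisory describes (IDOR / missing authorization).
    """
    user_id = state
    store.notion_settings[user_id] = notion_token
    return user_id


def start_notion_oauth(store: Store, session_user_id: str) -> str:
    """Mint an unguessable state and remember which logged-in user it was issued to."""
    state = secrets.token_urlsafe(32)
    store.pending_states[state] = session_user_id
    return state


def hardened_callback(store: Store, state: str, notion_token: str, session_user_id: str):
    """Accept the callback only for a state this server issued to the current session.

    Returns the owner's user id on success, or None when the request must be
    rejected (a real handler would map None to HTTP 403 and log the attempt).
    """
    owner = store.pending_states.pop(state, None)  # consume: a state is single-use
    if owner is None:
        return None  # unknown, forged or replayed state
    if owner != session_user_id:
        return None  # flow was started by a different user than the one completing it
    store.notion_settings[owner] = notion_token
    return owner
```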

Exploit

Fix

IDOR

Missing Authorization


Weakness Enumeration

Related Identifiers

CVE-2025-69207
GHSA-6WHJ-7QMG-86QJ

Affected Products

Khoj
Notion