{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-30855", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-05T21:27:35.342Z", "datePublished": "2026-03-07T16:31:10.564Z", "dateUpdated": "2026-03-09T18:24:39.227Z"}, "containers": {"cna": {"title": "WeKnora: Broken Access Control in Tenant Management", "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/Tencent/WeKnora/security/advisories/GHSA-ccj6-79j6-cq5q", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Tencent/WeKnora/security/advisories/GHSA-ccj6-79j6-cq5q"}], "affected": [{"vendor": "Tencent", "product": "WeKnora", "versions": [{"version": "< 0.3.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-07T16:31:10.564Z"}, "descriptions": [{"lang": "en", "value": "WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This enables cross-tenant account takeover and destruction, making the impact critical. This issue has been patched in version 0.3.2."}], "source": {"advisory": "GHSA-ccj6-79j6-cq5q", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-09T17:58:55.736531Z", "id": "CVE-2026-30855", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T18:24:39.227Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-30855", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-09T17:58:55.736531Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T17:58:56.726Z"}}], "cna": {"title": "WeKnora: Broken Access Control in Tenant Management", "source": {"advisory": "GHSA-ccj6-79j6-cq5q", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Tencent", "product": "WeKnora", "versions": [{"status": "affected", "version": "< 0.3.2"}]}], "references": [{"url": "https://github.com/Tencent/WeKnora/security/advisories/GHSA-ccj6-79j6-cq5q", "name": "https://github.com/Tencent/WeKnora/security/advisories/GHSA-ccj6-79j6-cq5q", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This enables cross-tenant account takeover and destruction, making the impact critical. This issue has been patched in version 0.3.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-07T16:31:10.564Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30855", "state": "PUBLISHED", "dateUpdated": "2026-03-09T18:24:39.227Z", "dateReserved": "2026-03-05T21:27:35.342Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-07T16:31:10.564Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tencent:weknora:*:*:*:*:*:*:*:*", "matchCriteriaId": "E8CD2EAE-93F9-4249-9ED6-1896DA088B96", "versionEndExcluding": "0.3.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This enables cross-tenant account takeover and destruction, making the impact critical. This issue has been patched in version 0.3.2."}, {"lang": "es", "value": "WeKnora es un framework impulsado por LLM dise\u00f1ado para la comprensi\u00f3n profunda de documentos y la recuperaci\u00f3n sem\u00e1ntica. Antes de la versi\u00f3n 0.3.2, una omisi\u00f3n de autorizaci\u00f3n en los endpoints de gesti\u00f3n de inquilinos de la aplicaci\u00f3n WeKnora permite a cualquier usuario autenticado leer, modificar o eliminar cualquier inquilino por ID. Dado que el registro de cuentas est\u00e1 abierto al p\u00fablico, esta vulnerabilidad permite a cualquier atacante no autenticado registrar una cuenta y posteriormente explotar el sistema. Esto permite la toma de control y destrucci\u00f3n de cuentas entre inquilinos, haciendo que el impacto sea cr\u00edtico. Este problema ha sido parcheado en la versi\u00f3n 0.3.2."}], "id": "CVE-2026-30855", "lastModified": "2026-03-09T17:33:08.627", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-07T17:15:53.053", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/Tencent/WeKnora/security/advisories/GHSA-ccj6-79j6-cq5q"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,0.3.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "WeKnora", "source": "cna", "vendor": "Tencent"}, "product": "weknora", "vendor": "tencent"}], "analysis": {"en": {"generated_at": "2026-04-16T10:47:22.606197+00:00", "value": {"mitigation_remediation": ["Apply the 0.3.2 patch or later to eliminate the broken access control logic", "Disable public account registration or limit tenant\u2011management access to privileged users only", "Monitor system logs for unauthorized tenant\u2011management actions and investigate any anomalies"], "summary": {"action": "Immediate Patch", "impact": "Authorization bypass permitting unauthenticated or authenticated users to read, modify, or delete any tenant"}, "threat_synthesis": {"affected_systems": "Tencent WeKnora, any deployment running a version before 0.3.2 is vulnerable. All tenants hosted on those instances are affected until the software is updated to 0.3.2 or later.", "description_and_impact": "A broken access control flaw in the tenant management endpoints of WeKnora allows any authenticated user to perform actions on any tenant by ID, effectively enabling cross\u2011tenant account takeover. Because account registration is open to the public, an attacker can create a new user account and then exploit the same flaw. The vulnerability permits full read, modify, and delete rights, compromising confidentiality, integrity, and availability of tenant data. The weakness is a classic authorization bypass, identified as CWE\u2011284.", "risk_and_exploitability": "The CVSS score of 8.8 classifies the risk as high, but the EPSS of less than 1 percent indicates a low probability of real\u2011world exploitation at the time of analysis. The flaw is not listed in CISA\u2019s KEV catalog. Exploitation is straightforward: an attacker registers an account, requests the tenant ID to target, and then uses the unauthorized endpoint to read, alter, or delete tenant data. No special conditions beyond authentication are required, making the attack vector simple and the impact critical."}}}}, "created": "2026-03-09T10:04:55.490273+00:00", "updated": "2026-04-16T11:00:10.635532+00:00", "vendors": ["tencent", "tencent$PRODUCT$weknora"]}