{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34999", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-31T20:40:15.617Z", "datePublished": "2026-04-01T13:30:30.999Z", "dateUpdated": "2026-04-01T20:27:23.849Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-01T15:01:09.605Z"}, "title": "OpenViking 0.2.5 < 0.2.14 Bot Proxy Endpoints Allow Unauthenticated Access", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "type": "CWE"}]}], "affected": [{"vendor": "Volcengine", "product": "OpenViking", "repo": "https://github.com/volcengine/OpenViking", "versions": [{"status": "affected", "version": "0.2.5", "lessThan": "0.2.14", "versionType": "semver"}, {"status": "unaffected", "version": "27acda8d1701ff68423fbd6c902208e3c1ed9373", "versionType": "git"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers can bypass authentication checks and interact directly with the upstream bot backend through the OpenViking proxy without providing valid credentials.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers can bypass authentication checks and interact directly with the upstream bot backend through the OpenViking proxy without providing valid credentials.<br>"}]}], "references": [{"url": "https://github.com/volcengine/OpenViking/releases/tag/v0.2.14", "tags": ["release-notes"]}, {"url": "https://github.com/volcengine/OpenViking/pull/996", "tags": ["issue-tracking"]}, {"url": "https://github.com/volcengine/OpenViking/commit/27acda8d1701ff68423fbd6c902208e3c1ed9373", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/openviking-bot-proxy-endpoints-allow-unauthenticated-access", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "credits": [{"lang": "en", "value": "Chia Min Jun Lennon", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T20:26:37.161626Z", "id": "CVE-2026-34999", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T20:27:23.849Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34999", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T20:26:37.161626Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T20:27:07.690Z"}}], "cna": {"title": "OpenViking 0.2.5 < 0.2.14 Bot Proxy Endpoints Allow Unauthenticated Access", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Chia Min Jun Lennon"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/volcengine/OpenViking", "vendor": "Volcengine", "product": "OpenViking", "versions": [{"status": "affected", "version": "0.2.5", "lessThan": "0.2.14", "versionType": "semver"}, {"status": "unaffected", "version": "27acda8d1701ff68423fbd6c902208e3c1ed9373", "versionType": "git"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/volcengine/OpenViking/releases/tag/v0.2.14", "tags": ["release-notes"]}, {"url": "https://github.com/volcengine/OpenViking/pull/996", "tags": ["issue-tracking"]}, {"url": "https://github.com/volcengine/OpenViking/commit/27acda8d1701ff68423fbd6c902208e3c1ed9373", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/openviking-bot-proxy-endpoints-allow-unauthenticated-access", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers can bypass authentication checks and interact directly with the upstream bot backend through the OpenViking proxy without providing valid credentials.", "supportingMedia": [{"type": "text/html", "value": "OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers can bypass authentication checks and interact directly with the upstream bot backend through the OpenViking proxy without providing valid credentials.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-01T15:01:09.605Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34999", "state": "PUBLISHED", "dateUpdated": "2026-04-01T20:27:23.849Z", "dateReserved": "2026-03-31T20:40:15.617Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-01T13:30:30.999Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:volcengine:openviking:*:*:*:*:*:*:*:*", "matchCriteriaId": "E557EBDE-5EC3-49C5-AC28-F34726561EC3", "versionEndExcluding": "0.2.14", "versionStartIncluding": "0.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers can bypass authentication checks and interact directly with the upstream bot backend through the OpenViking proxy without providing valid credentials."}], "id": "CVE-2026-34999", "lastModified": "2026-04-07T16:37:04.470", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-01T14:16:55.947", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Patch"], "url": "https://github.com/volcengine/OpenViking/commit/27acda8d1701ff68423fbd6c902208e3c1ed9373"}, {"source": "disclosure@vulncheck.com", "tags": ["Issue Tracking"], "url": "https://github.com/volcengine/OpenViking/pull/996"}, {"source": "disclosure@vulncheck.com", "tags": ["Release Notes"], "url": "https://github.com/volcengine/OpenViking/releases/tag/v0.2.14"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.vulncheck.com/advisories/openviking-bot-proxy-endpoints-allow-unauthenticated-access"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.2.5,0.2.14)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "code_commit", "value": "[27acda8d1701ff68423fbd6c902208e3c1ed9373,*]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenViking", "source": "cna", "vendor": "Volcengine"}, "product": "openviking", "vendor": "volcengine"}], "analysis": {"en": {"generated_at": "2026-04-07T23:56:31.028250+00:00", "value": {"mitigation_remediation": ["Update OpenViking to version 0.2.14 or later."], "summary": {"action": "Patch", "impact": "Unauthorized Access to Bot Proxy"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Volcengine\u2019s OpenViking product in all releases from version 0.2.5 through 0.2.13. Any deployment running one of these releases is susceptible to unauthenticated exploitation of the bot proxy endpoints.", "description_and_impact": "OpenViking versions from 0.2.5 up to but not including 0.2.14 contain a missing authentication check in the bot proxy router, a weakness categorized as CWE\u2011306. This allows attackers to send POST requests to /bot/v1/chat and /bot/v1/chat/stream without authentication and directly interact with the upstream bot backend protected by OpenViking. By exploiting this flaw, an adversary can issue arbitrary bot queries, retrieve responses, or abuse bot functionality without needing valid credentials.", "risk_and_exploitability": "The CVSS score of 6.9 indicates a Medium\u2011to\u2011High impact. The EPSS score is below 1%, suggesting a low likelihood of widespread exploitation at present, and the flaw is not listed in the CISA KEV catalog. Attacks require only simple HTTP POST requests to the specified endpoints and can be performed remotely without credentials, making the attack vector trivial for anyone with network access to the service."}}}}, "created": "2026-04-02T07:49:11.431645+00:00", "updated": "2026-04-08T19:59:47.790208+00:00", "vendors": ["volcengine", "volcengine$PRODUCT$openviking"]}