CVE-2026-11479

MEDIUM(4.2)

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

Risk Signal Score16/100 — NIEDRIG

CVSS 4.2 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

4.2

Technische Schwere

Beschreibung

A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown processing of the file indexer/chunker.go of the component Qdrant Backend. Such manipulation leads to use of weak hash. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The pull request to fix this issue awaits acceptance.

Referenzen

https://github.com/yoanbernabeu/grepai/
https://github.com/yoanbernabeu/grepai/issues/247
https://github.com/yoanbernabeu/grepai/pull/248
https://vuldb.com/cve/CVE-2026-11479
https://vuldb.com/submit/833971
https://vuldb.com/vuln/369099
https://vuldb.com/vuln/369099/cti