Khoj-ai Khoj
5 CVEs affecting Khoj-ai Khoj. Latest disclosed: 2026-06-28. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-25639 | Medium | 5.9 | 2024-07-08 | Khoj is an application that creates personal AI agents. The Khoj Obsidian, Desktop and Web clients inadequately sanitize the AI model's response and user input… |
CVE-2026-13508 | Medium | 5.5 | 2026-06-28 | A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impacts an unknown function of the file src/khoj/routers/api_chat.py of the component Conversat… |
CVE-2025-69207 | Medium | 5.4 | 2026-02-02 | Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notio… |
CVE-2024-43396 | Medium | 5.4 | 2024-08-20 | Khoj is an application that creates personal AI agents. The Automation feature allows a user to insert arbitrary HTML inside the task instructions, resulting i… |
CVE-2024-52294 | Medium | 4.3 | 2024-12-30 | Khoj is a self-hostable artificial intelligence app. Prior to version 1.29.10, an Insecure Direct Object Reference (IDOR) vulnerability in the update_subscript… |