Tencent Weknora
12 CVEs affecting Tencent Weknora. Latest disclosed: 2026-05-18. Critical: 3, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-30861 | Critical | 10.0 | 2026-03-07 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. From version 0.2.5 to before version 0.2.10, an unauthenti… |
CVE-2026-30860 | Critical | 10.0 | 2026-03-07 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vul… |
CVE-2026-22688 | Critical | 10.0 | 2026-01-10 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, there is a command injection vulne… |
CVE-2026-30855 | High | 8.8 | 2026-03-07 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in tenant… |
CVE-2025-11046 | High | 7.3 | 2025-09-26 | A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. T… |
CVE-2026-30858 | Medium | 6.5 | 2026-03-07 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a DNS rebinding vulnerability in t… |
CVE-2026-8786 | Medium | 6.3 | 2026-05-18 | A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/ha… |
CVE-2026-30856 | Medium | 5.9 | 2026-03-07 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a vulnerability involving tool na… |
CVE-2026-30247 | Medium | 5.9 | 2026-03-07 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, the application's "Import documen… |
CVE-2026-22687 | Medium | 5.6 | 2026-01-10 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, after WeKnora enables the Agent se… |
CVE-2026-30859 | Medium | 5.3 | 2026-03-07 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a broken access control vulnerabi… |
CVE-2026-30857 | Medium | 5.3 | 2026-03-07 | WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a cross-tenant authorization bypas… |