Thelibrarian Thelibrarian.io
4 CVEs affecting Thelibrarian Thelibrarian.io. Latest disclosed: 2026-01-16. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-0616 | High | 7.5 | 2026-01-16 | TheLibrarians web_fetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system… |
CVE-2026-0613 | High | 7.5 | 2026-01-16 | The Librarian contains an internal port scanning vulnerability, facilitated by the `web_fetch` tool, which can be used with SSRF-style behavior to perform GET… |
CVE-2026-0612 | High | 7.5 | 2026-01-16 | The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by a… |
CVE-2026-0615 | High | 7.3 | 2026-01-16 | The Librarian `supervisord` status page can be retrieved by the `web_fetch` tool, which can be used to retrieve running processes within TheLibrarian backend… |