CVE-2026-22687

low-risk
Published 2026-01-10

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, after WeKnora enables the Agent service, it allows users to call the database query tool. Due to insufficient backend validation, an attacker can use prompt‑based bypass techniques to evade query restrictions and obtain sensitive information from the target server and database. This issue has been patched in version 0.2.5.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.6/10 Medium
NETWORK / HIGH complexity

Affected Products (1)

Weknora

Affected Vendors

Tencent

References (3)

Patch https://github.com/Tencent/WeKnora/commit/da55707022c252dd2c20f8e18145b2d899ee06...
Exploit https://github.com/Tencent/WeKnora/security/advisories/GHSA-pcwc-3fw3-8cqv
Exploit https://github.com/Tencent/WeKnora/security/advisories/GHSA-pcwc-3fw3-8cqv
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal