All 4 CVE vulnerabilities found in khoj, with AI-generated Chinese analysis, references, and POCs.
Vendor: khoj-ai

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-69207 | Khoj has an IDOR in Notion OAuth Flow Enables Index Poisoning | CWE-639 | 5.4 | Medium | 2026-02-02 |
| CVE-2024-52294 | khoj has an IDOR in subscription management that allows unauthorized subscription modifications | CWE-639 | 4.3 | Medium | 2024-12-30 |
| CVE-2024-43396 | Khoj Vulnerable to Stored Cross-site Scripting In Automate (Preview feature) | CWE-79 | 5.4 | Medium | 2024-08-20 |
| CVE-2024-25639 | Prompt Injection triggered XSS vulnerability in Khoj Obsidian, Desktop and Web clients | CWE-80 | 5.9 | Medium | 2024-07-08 |