Browse all 4 CVE security advisories affecting khoj-ai. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-69207 | Khoj has an IDOR in Notion OAuth Flow Enables Index Poisoning — khoj, CWE-639 | 5.4 | Medium | 2026-02-02 |
| CVE-2024-52294 | khoj has an IDOR in subscription management that allows unauthorized subscription modifications — khoj, CWE-639 | 4.3 | Medium | 2024-12-30 |
| CVE-2024-43396 | Khoj Vulnerable to Stored Cross-site Scripting In Automate (Preview feature) — khoj, CWE-79 | 5.4 | Medium | 2024-08-20 |
| CVE-2024-25639 | Prompt Injection triggered XSS vulnerability in Khoj Obsidian, Desktop and Web clients — khoj, CWE-80 | 5.9 | Medium | 2024-07-08 |

This page lists every published CVE security advisory associated with khoj-ai. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.