CVE-2026-11479

Source
https://cve.org/CVERecord?id=CVE-2026-11479
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-11479.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-11479
Published
2026-06-08T02:15:09.333Z
Modified
2026-07-08T07:43:45.099902952Z
Severity
  • 1.3 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
yoanbernabeu grepai Qdrant Backend chunker.go weak hash
Details

A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown processing of the file indexer/chunker.go of the component Qdrant Backend. Such manipulation leads to use of weak hash. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The pull request to fix this issue awaits acceptance.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/11xxx/CVE-2026-11479.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-327",
        "CWE-328"
    ]
}
References

Affected packages

Git / github.com/yoanbernabeu/grepai

Affected ranges

Type
GIT
Repo
https://github.com/yoanbernabeu/grepai
Events
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "0.35.0"
        },
        {
            "last_affected": "0.35.0"
        }
    ]
}

Affected versions

0.*
0.35.0
v0.*
v0.35.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-11479.json"