CVE-2026-0612

Published: Jan 16, 2026Modified: Jan 23, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions of TheLibrarian.

Affected (1)

Products: Thelibrarian: The Librarian

Thelibrarian

1 product

The Librarian

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Thelibrarian The Librarian	All versions

References (2)

http://mindgard.ai/blog/thelibrarian-ios-ai-security-

Source: cret@cert.org

Third Party Advisory

https://thelibrarian.io/

Source: cret@cert.org

Product

Timeline

No history available yet.