CVE-2026-0615

Published: Jan 16, 2026Modified: Jan 23, 2026

7.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Exploitability: 3.9 / Impact: 3.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The Librarian `supervisord` status page can be retrieved by the `web_fetch` tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions.

Affected (1)

Products: Thelibrarian: The Librarian

Thelibrarian

1 product

The Librarian

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Thelibrarian The Librarian	All versions

References (2)

http://mindgard.ai/blog/thelibrarian-ios-ai-security-

Source: cret@cert.org

Third Party Advisory

https://thelibrarian.io/

Source: cret@cert.org

Product

Timeline

No history available yet.