CVE-2026-22688

Published: Jan 10, 2026Modified: Jan 22, 2026

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, there is a command injection vulnerability that allows authenticated users to inject stdio_config.command/args into MCP stdio settings, causing the server to execute subprocesses using these injected values. This issue has been patched in version 0.2.5.

Affected (1)

Products: Tencent: Weknora

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tencent Weknora	Before 0.2.5

Related CWEs

Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

References (3)

https://github.com/Tencent/WeKnora/commit/f7900a5e9a18c99d25cec9589ead9e4e59ce04bb

Source: security-advisories@github.com

Patch

https://github.com/Tencent/WeKnora/security/advisories/GHSA-78h3-63c4-5fqc

Source: security-advisories@github.com

ExploitVendor Advisory

https://github.com/Tencent/WeKnora/security/advisories/GHSA-78h3-63c4-5fqc

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

ExploitVendor Advisory

Timeline

No history available yet.