CVE Catalog

CVE-2026-11479

MediumCVSS 4.2
Published: Updated: Translated: NVD NIST

Summary

A vulnerability has been found in version 0.35.0 of the Qdrant Backend component in the yoanbernabeu grepai library. The issue affects some unknown processing of the file indexer/chunker.go, leading to the use of a weak hash.

Risk Assessment

An attack on this vulnerability may be performed remotely, but its exploitability is assessed as difficult. However, the public disclosure of the exploit increases the risk of its use.

Recommendation

It is recommended to monitor the status of the pull request fixing this vulnerability and to update the component to the latest version once it is accepted.

Original NVD description (English source)

A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown processing of the file indexer/chunker.go of the component Qdrant Backend. Such manipulation leads to use of weak hash. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The pull request to fix this issue awaits acceptance.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS