Chainlit arbitrary file read and SSRF vulnerabilities (multiple vulnerabilities)

Vulnerability
2 unique sources, 2 articles

Summary

Two Chainlit flaws, CVE-2026-22218 and CVE-2026-22219, can expose files, API keys, and cloud resources in AI application backends. One issue enables arbitrary file reads from servers handling Chainlit deployments, while the other enables SSRF in setups using a SQLAlchemy data layer. Chainlit 2.9.4 was released on 2025-12-24 to address the vulnerabilities. Users of affected systems are urged to update quickly because the backend weaknesses can reveal sensitive data even when the AI model itself is not compromised.


Timeline

  1. 20.01.2026 18:30 · 1 article

    Chainlit 2.9.4 patch for CVE-2026-22218 and CVE-2026-22219

    Mitigation Patch Update

    Chainlit released version 2.9.4 on 24 December 2025 to address CVE-2026-22218 and CVE-2026-22219, which affected deployments using a SQLAlchemy data layer. Temporary web application firewall signatures were also published to reduce exposure until affected systems can be updated.

  2. 20.01.2026 18:30 · 2 articles

    Zafran Research disclosure of Chainlit arbitrary file read and SSRF flaws

    Initial Disclosure

    Zafran Research disclosed CVE-2026-22218 and CVE-2026-22219 in the Chainlit framework, showing that authenticated users could read arbitrary files from a Chainlit server and that SQLAlchemy-based deployments could be exposed to SSRF. The weaknesses could expose environment variables, local databases, cached prompts and responses, API keys, and cloud resources.
