CVE-2026-25402
Awaiting Analysis
Awaiting Analysis - Queue
Missing Authorization in echoplugins Knowledge Base Allows Unauthorized Access
Publication date: 2026-02-19
Last updated on: 2026-02-19
Assigner: Patchstack
Description
Description
Missing Authorization vulnerability in echoplugins Knowledge Base for Documentation, FAQs with AI Assistance echo-knowledge-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance: from n/a through <= 16.011.0.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| echo_plugins | knowledge_base_for_documentation_faqs_with_ai_assistance | to 16.011.0 (inc) |
| echoplugins | knowledge_base_for_documentation_faqs_with_ai_assistance | to 16.011.0 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
