Executive Summary

CVE-2026-34999 is a missing authentication vulnerability in OpenViking versions 0.2.5 through 0.2.13. It affects the bot proxy router, specifically the POST endpoints /bot/v1/chat and /bot/v1/chat/stream. Due to the lack of enforced authentication, remote attackers can send requests to these endpoints without valid credentials and gain unauthorized access to protected bot proxy functionality.

This means attackers can bypass authentication checks and interact directly with the upstream bot backend through the OpenViking proxy, potentially exploiting the system without any user authentication.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows unauthenticated remote attackers to access and interact with the bot backend through the OpenViking proxy without providing valid credentials. This can lead to unauthorized use of bot proxy functionality, potentially allowing attackers to perform actions or retrieve data that should be protected.

Because the authentication checks are bypassed, attackers can exploit the system remotely with low attack complexity and no privileges or user interaction required, increasing the risk of abuse or misuse of the bot services.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by testing whether the bot proxy endpoints `/bot/v1/chat` and `/bot/v1/chat/stream` allow unauthenticated access. Specifically, sending POST requests to these endpoints without authentication tokens and observing if access is granted indicates the presence of the vulnerability.

Suggested commands to detect the vulnerability include using curl or similar HTTP clients to send requests without authentication headers and checking the response status:

• curl -X POST http://<target-host>/bot/v1/chat -d '{}' -v
• curl -X POST http://<target-host>/bot/v1/chat/stream -d '{}' -v

If the response is successful (e.g., HTTP 200) without requiring authentication tokens in headers such as `X-API-Key` or `Authorization: Bearer`, the system is vulnerable. If the response returns HTTP 401 Unauthorized with a message like "Missing authentication token", the vulnerability has been mitigated.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to update OpenViking to version 0.2.14 or later, where the vulnerability has been fixed by enforcing strict authentication on the bot proxy endpoints `/bot/v1/chat` and `/bot/v1/chat/stream`.

This update requires that all requests to these endpoints include a valid authentication token, either via the `X-API-Key` header or the `Authorization: Bearer` header. Requests without valid tokens will be rejected with HTTP 401 Unauthorized.

If immediate upgrade is not possible, as a temporary measure, you should restrict access to these endpoints at the network level (e.g., firewall rules) to trusted clients only, preventing unauthenticated external access.

Additionally, review and update any integrations or clients that rely on unauthenticated access to these endpoints to include proper authentication tokens.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability in OpenViking prior to version 0.2.14 allows unauthenticated remote attackers to access protected bot proxy functionality, potentially enabling unauthorized access to backend services.

Such unauthorized access could lead to exposure or misuse of sensitive data, which may impact compliance with common standards and regulations like GDPR or HIPAA that require strict access controls and protection of personal or sensitive information.

By allowing unauthenticated access, the vulnerability undermines authentication and access control mechanisms, which are fundamental requirements in these regulations to ensure confidentiality and integrity of data.

The fix implemented in OpenViking version 0.2.14 enforces strict authentication on the affected endpoints, thereby mitigating the risk of unauthorized data access and helping maintain compliance with such standards.

Useful 0 Not Useful 0