CVE-2026-14630
Received Received - Intake

Weak Hash Usage in ForceInjection AI-fundermentals

Vulnerability report for CVE-2026-14630, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-04

Last updated on: 2026-07-04

Assigner: VulDB

Description

A vulnerability has been found in ForceInjection AI-fundermentals 2.0/3.0. Affected by this vulnerability is the function get_conversation_history of the file 08_agentic_system/memory/langchain/code/smart_customer_service.py of the component Memory Recall Handler. The manipulation leads to use of weak hash. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is f57277fdd9ba373ace72d83c272023ec67f720d6. It is suggested to install a patch to address this issue. The project confirms (translated from Chinese): "We now require session ownership verification in methods such as `username`, `sessionowner`, etc., and we've chat()changed the generation of `sessionowner` to include verified user identity and security context metadata."

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-04
Last Modified
2026-07-04
Generated
2026-07-04
AI Q&A
2026-07-04
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
forceinjection ai-fundamentals 2.0
forceinjection ai-fundamentals 3.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-328 The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-14630 is a vulnerability in ForceInjection AI-fundamentals that affects the memory recall system used in customer service AI. Specifically, the vulnerability arises because the system uses only the session_id as the key to access conversation history, without verifying the user identity or authorization metadata.

This flaw allows an attacker who knows a victim's session_id to access and manipulate that victim's conversation history. The attacker can read sensitive information from the victim's memory and inject malicious messages, effectively poisoning the victim's conversation data.

The vulnerability affects both in-memory and persistent storage modes, meaning the malicious changes can persist even after system restarts. The root cause is weak session isolation due to the use of a weak hash key that does not include verified user identity or security context.

Impact Analysis

This vulnerability can impact you by allowing unauthorized users to access your private conversation history within the AI system if they obtain your session_id.

An attacker could read sensitive information you shared during your interactions, such as personal details or order information.

Additionally, the attacker can inject false or malicious messages into your conversation history, potentially causing confusion or misleading responses from the AI system.

Because the vulnerability affects persistent storage, these malicious changes can remain even after system restarts, prolonging the impact.

Detection Guidance

This vulnerability involves unauthorized access to conversation histories by exploiting session_id reuse in the LangGraph memory key. Detection involves monitoring for suspicious access patterns where session IDs are used without corresponding verified user identities.

Since the vulnerability is related to session management and memory recall in the AI-fundamentals system, detection can focus on verifying whether session operations are properly bound to authenticated user identities and security context metadata.

No explicit commands are provided in the resources, but you can audit logs or trace calls to functions like get_conversation_history or chat to check if session IDs are being used without accompanying user_id or security context validation.

Additionally, reviewing the system for the presence of the vulnerable commit (5bb92c73a5aa0560c753beeb56e7ad4314dc8a7a) or absence of the patch commit (f57277fdd9ba373ace72d83c272023ec67f720d6) can help identify if the system is vulnerable.

Mitigation Strategies

The primary mitigation step is to apply the patch identified by commit f57277fdd9ba373ace72d83c272023ec67f720d6 which fixes the memory session isolation vulnerability.

  • Update session management to require both validated user ID and session ID for all session operations.
  • Implement composite thread IDs that include user_id, session_id, and security metadata (such as tenant_id and permissions) to prevent unauthorized access.
  • Enforce access permission validation before allowing any session-related operations.
  • Ensure all session-related methods (e.g., chat, get_conversation_history, get_conversation_summary) require explicit user_id parameters and security context checks.
  • Invalidate any vulnerable checkpoint states that may have been poisoned.

These steps effectively isolate memory between sessions and prevent attackers from accessing or poisoning other users' conversation histories.

Compliance Impact

The vulnerability allows unauthorized access to other users' conversation histories by exploiting weak session isolation, which can lead to exposure of sensitive personal data.

Such unauthorized access and potential data leakage can negatively impact compliance with data protection regulations like GDPR and HIPAA, which require strict controls on personal and sensitive information to prevent unauthorized disclosure.

The fix involves binding memory operations to authenticated user identities and enforcing security context validation, which helps restore proper data isolation and supports compliance with these standards.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-14630. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart