CVE-2026-57206
Received Received - Intake

Unauthenticated Plugin Validation in SimpleChat

Vulnerability report for CVE-2026-57206, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: GitHub, Inc.

Description

SimpleChat is a secure AI conversation application with personal and group workspaces for document-grounded interactions. Prior to 0.241.206, several plugin validation routes in application/single_app/plugin_validation_endpoint.py, including `POST /api/admin/plugins/test-instantiation`, `GET /api/admin/plugins/health-check/<plugin_name>`, `POST /api/admin/plugins/repair/<plugin_name>`, and `POST /api/plugins/validate`, relied on @swagger_route(security=get_auth_security()) documentation without enforcing @login_required, @user_required, or @admin_required at runtime, allowing unauthenticated or unauthorized clients to invoke plugin validation, health, and repair behavior. This issue is fixed in version 0.241.206.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-16
AI Q&A
2026-07-16
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
microsoft simplechat 0.241.206
microsoft simplechat to 0.241.206 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-57206 is a vulnerability in SimpleChat versions before 0.241.206 where plugin validation endpoints lacked proper authentication and authorization checks. Routes like POST /api/admin/plugins/test-instantiation and GET /api/admin/plugins/health-check/<plugin_name> were documented with security requirements but did not enforce them at runtime. This allowed unauthenticated users to access sensitive plugin operations such as validation, health checks, and repairs.

Detection Guidance

Check SimpleChat version with: curl -s http://<host>:<port>/api/version | grep version. If version is below 0.241.206, the system is vulnerable. Inspect plugin_validation_endpoint.py for missing @login_required, @user_required, or @admin_required decorators on affected routes.

Impact Analysis

An attacker could exploit this to enumerate plugins, read health details, trigger server-side checks, or modify plugin configuration and storage via the repair endpoint. The repair endpoint is particularly dangerous as it can write to global plugin metadata. The attack requires no privileges, user interaction, or special complexity, making it highly accessible.

Compliance Impact

The vulnerability allows unauthenticated access to plugin validation, health, and repair endpoints, which could lead to unauthorized data exposure or modification. This may violate compliance requirements under GDPR (data protection) and HIPAA (health data security) by enabling unauthorized access to sensitive operations or data.

Mitigation Strategies

Upgrade SimpleChat to version 0.241.206 or later. Alternatively, manually add @login_required and @admin_required decorators to affected routes in plugin_validation_endpoint.py. Restrict access via reverse proxy rules until upgrade is completed.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57206. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart