CVE-2026-58580

Broken Object-Level Authorization in LobeChat

Vulnerability report for CVE-2026-58580, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-02

Last updated on: 2026-07-02

Assigner: VulnCheck

Description

LobeChat through 2.2.9 server-database deployments are vulnerable to broken object-level authorization in MessageModel. The updateMessagePlugin, updatePluginState, updatePluginError, updateTTS and updateTranslate methods filter target rows by message id alone, omitting the userId scope that sibling methods apply, and findMessagePlugin reads back by id alone. Reachable via the corresponding tRPC message procedures, an authenticated user who knows another user's message identifier can overwrite that victim's plugin tool-call metadata, plugin state/error, text-to-speech and translation records on the same instance, and the tampered content is served back to the victim. Exploitation requires knowledge of the victim's non-enumerable message identifier.

Meta Information

Published: 2026-07-02
Last Modified: 2026-07-02
Generated: 2026-07-03
AI Q&A: 2026-07-02
EPSS Evaluated: N/A

Affected Vendors & Products

Currently, no data is known.


Exploitability

CWE-639: The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

Executive Summary

CVE-2026-58580 is a broken object-level authorization vulnerability in LobeChat versions up to 2.2.9, specifically in the MessageModel component. Certain update methods like updateMessagePlugin, updatePluginState, updatePluginError, updateTTS, and updateTranslate filter database rows only by message ID without verifying the user ID. This means an authenticated user who knows another user's message identifier can overwrite that user's plugin metadata, plugin state or error records, text-to-speech, and translation data. The tampered content is then served back to the victim. The vulnerability arises because these methods omit the userId scope check that sibling methods apply.

Exploitation requires knowledge of the victim's non-enumerable message identifier, which is not easily brute-forced but may be obtained through shared content or logs.

Impact Analysis

This vulnerability allows an authenticated attacker to arbitrarily modify another user's message-related data, including plugin tool-call metadata, plugin state or error information, text-to-speech settings, and translation content.

As a result, the victim is shown tampered or misleading plugin, speech or translation content, which can lead to unintended actions or confusion on the victim's side.

Because the altered data is served back to the victim, it represents a stored cross-user content integrity issue that can undermine trust and data integrity within the application.

Detection Guidance

Detecting exploitation means identifying modifications to a user's message plugin metadata, text-to-speech or translation records that were made by a different authenticated user, since the affected methods apply no userId scoping themselves.

Because the attacker is an authenticated user who supplies another user's message ID, correlating calls to the tRPC message procedures that reach the affected MessageModel methods (updateMessagePlugin, updatePluginState, updatePluginError, updateTTS and updateTranslate) with the owner of the referenced message, and flagging calls where the caller and the message owner differ, can surface exploitation attempts.

Commands or queries to detect suspicious activity might include database queries to audit recent updates filtered only by message ID without userId, for example:

  • SQL query to find updates on message plugin tables where userId is missing or mismatched.
  • Log analysis commands to search for tRPC message procedure calls that update plugin or translation data referencing message IDs belonging to other users.

Specific commands depend on your logging and database setup, but the key signal is an update to a message-related row whose userId does not match the authenticated caller.

Mitigation Strategies

Immediate mitigation involves ensuring that all write operations on message sub-tables include userId predicates to enforce proper object-level authorization.

Specifically, update the affected methods (updateMessagePlugin, updatePluginState, updatePluginError, updateTTS, updateTranslate) to filter target rows by both message ID and userId.

Additionally, read methods like findMessagePlugin should also scope queries by userId to prevent serving tampered content.

Alternatively, enforce message ownership checks at the router or application logic level before dispatching requests to these methods.

Until a patch is applied, restrict access to authenticated users and monitor for suspicious activity involving message ID usage.
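The following TypeScript example is added here and is not LobeChat's own code; it models a message_plugins table as an in-memory array (the ORM, table and method names are assumptions) to contrast the id-only update pattern described above with the userId-scoped form the mitigation calls for, on both the write and the read path.

```typescript
// Added example: one plugin-state row per message, owned by a user.
type PluginRow = { id: string; userId: string; state: Record<string, unknown> };

// Constructed sample rows: message "m-alice" belongs to alice, "m-bob" to bob.
function seedRows(): PluginRow[] {
  return [
    { id: "m-alice", userId: "alice", state: { step: 1 } },
    { id: "m-bob", userId: "bob", state: { step: 1 } },
  ];
}

// Vulnerable shape: the predicate is the message id alone, so any
// authenticated caller who knows the id overwrites the row. Returns rows affected.
function updatePluginStateUnscoped(
  rows: PluginRow[], id: string, state: Record<string, unknown>,
): number {
  let n = 0;
  for (const r of rows) if (r.id === id) { r.state = state; n++; }
  return n;
}

// Hardened shape: the caller's userId is part of the predicate, so a foreign
// id matches nothing and the update is a silent no-op (0 rows affected),
// which also avoids confirming that the id exists.
function updatePluginStateScoped(
  rows: PluginRow[], id: string, userId: string, state: Record<string, unknown>,
): number {
  let n = 0;
  for (const r of rows) if (r.id === id && r.userId === userId) { r.state = state; n++; }
  return n;
}

// Read side: the lookup is scoped the same way, so a row that belongs to
// another user is never served to the caller.
function findMessagePluginScoped(rows: PluginRow[], id: string, userId: string): PluginRow | null {
  return rows.find((r) => r.id === id && r.userId === userId) ?? null;
}

// Runs both variants with "bob" as the caller targeting alice's message id.
function demo(): { unscopedHit: number; scopedHit: number; aliceStep: unknown } {
  const vulnerable = seedRows();
  const unscopedHit = updatePluginStateUnscoped(vulnerable, "m-alice", { step: 99 });
  const hardened = seedRows();
  const scopedHit = updatePluginStateScoped(hardened, "m-alice", "bob", { step: 99 });
  const aliceRow = findMessagePluginScoped(hardened, "m-alice", "alice");
  return { unscopedHit, scopedHit, aliceStep: aliceRow?.state.step };
}
```

In a real ORM the same change is a second condition in the WHERE clause of each affected method; the owner's own update still succeeds because their userId matches.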
