CVE-2026-23522: CWE-284: Improper Access Control in lobehub lobe-chat
LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, the `knowledgeBase.removeFilesFromKnowledgeBase` tRPC endpoint allows authenticated users to delete files from any knowledge base without verifying ownership. The `userId` filter in the database query is commented out, enabling attackers to delete other users' knowledge base files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing the target's knowledge base ID and file ID. These IDs are random and not easily enumerable; however, they may leak through shared links, logs, referrer headers and so on. The missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.
AI Analysis
Technical Summary
CVE-2026-23522 is a security vulnerability identified in the LobeChat open source chat application platform, specifically affecting versions prior to 2.0.0-next.193. The flaw resides in the `knowledgeBase.removeFilesFromKnowledgeBase` tRPC endpoint, which allows authenticated users to delete files from any knowledge base without verifying if they own or have permission to modify that knowledge base. This occurs because the `userId` filter in the database query responsible for restricting deletion to authorized users is commented out, effectively disabling ownership checks. As a result, an attacker who is authenticated can delete files belonging to other users if they know the knowledge base ID and the file ID. These IDs are random and not easily guessable or enumerable, which raises the attack complexity. However, these identifiers may leak through shared links, logs, or HTTP referrer headers, increasing the risk of exploitation. The vulnerability is classified under several CWEs related to improper access control and authorization bypass (CWE-284, CWE-639, CWE-862, CWE-915). Although the vulnerability impacts the integrity of data by enabling unauthorized deletion, it does not directly compromise confidentiality or availability. The CVSS v3.1 base score is 3.7 (low severity), reflecting the need for authentication, high attack complexity, and limited scope of impact. No known exploits have been reported in the wild as of the publication date. The vendor has addressed the issue in version 2.0.0-next.193 by restoring proper ownership verification in the deletion API. Organizations using affected versions should upgrade to this patched release to mitigate the risk.
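To make the defect concrete, here is an added example (not LobeChat's own code) that models the deletion query as an in-memory table: the vulnerable predicate omits `userId`, so a caller who knows another user's knowledge base ID and file ID removes the row; the fixed predicate includes ownership, so the same request matches nothing. Row shapes, user names and IDs are constructed for illustration.

```typescript
// Added example, not LobeChat's code; row shapes, names and data are hypothetical.
interface KbFileRow {
  userId: string;           // owner of the knowledge base
  knowledgeBaseId: string;
  fileId: string;
}

interface DeleteRequest {
  callerUserId: string;     // from the authenticated session, never the request body
  knowledgeBaseId: string;
  fileIds: string[];
}

// Constructed sample data: alice owns kb-a1 with two files, bob owns kb-b7.
function seedRows(): KbFileRow[] {
  return [
    { userId: "alice", knowledgeBaseId: "kb-a1", fileId: "f-001" },
    { userId: "alice", knowledgeBaseId: "kb-a1", fileId: "f-002" },
    { userId: "bob",   knowledgeBaseId: "kb-b7", fileId: "f-900" },
  ];
}

// Deletes every matching row in place and returns the count removed, like DELETE ... WHERE.
function deleteWhere(rows: KbFileRow[], match: (r: KbFileRow) => boolean): number {
  const kept = rows.filter((r) => !match(r));
  const removed = rows.length - kept.length;
  rows.splice(0, rows.length, ...kept);
  return removed;
}

// VULNERABLE: mirrors the pre-2.0.0-next.193 query with the userId predicate commented
// out. Any authenticated caller who knows a KB id and file id deletes the row, whoever owns it.
function removeFilesVulnerable(rows: KbFileRow[], req: DeleteRequest): number {
  return deleteWhere(rows, (r) =>
    r.knowledgeBaseId === req.knowledgeBaseId &&
    req.fileIds.indexOf(r.fileId) !== -1
    // && r.userId === req.callerUserId   <- the ownership check that was disabled
  );
}

// FIXED: ownership is part of the predicate, so rows in another user's knowledge base
// never match and a cross-user request deletes 0 rows.
function removeFilesFixed(rows: KbFileRow[], req: DeleteRequest): number {
  return deleteWhere(rows, (r) =>
    r.userId === req.callerUserId &&
    r.knowledgeBaseId === req.knowledgeBaseId &&
    req.fileIds.indexOf(r.fileId) !== -1
  );
}
```

A deletion request that matches 0 rows for a caller who supplied a valid-looking knowledge base ID is worth logging, since that is exactly the cross-user pattern recommendation 7 below asks operators to watch for.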
Potential Impact
For European organizations, the primary impact of this vulnerability is the potential unauthorized deletion of files within knowledge bases managed via LobeChat. This can lead to data integrity issues, loss of critical information, disruption of collaborative workflows, and potential operational setbacks. Although the vulnerability does not directly expose confidential data or cause denial of service, the ability to tamper with stored knowledge base files could undermine trust in the platform and complicate incident response efforts. Organizations relying on LobeChat for internal communication or knowledge management may face increased risk if knowledge base or file identifiers are inadvertently exposed through shared links, logs, or referrer headers. The impact is heightened in environments where sensitive or regulated data is stored in knowledge bases, as unauthorized deletion could violate compliance requirements. Given the low CVSS score and the requirement for authenticated access plus knowledge of specific IDs, the risk is moderate but non-negligible. European entities with active developer or collaboration teams using LobeChat should prioritize patching to maintain data integrity and operational continuity.
Mitigation Recommendations
1. Upgrade all LobeChat instances to version 2.0.0-next.193 or later, where the authorization checks have been restored and enforced.
2. Review and audit access logs and shared links to identify any potential leakage of knowledge base IDs or file IDs that could facilitate exploitation.
3. Implement strict access controls and monitoring around knowledge base sharing features to minimize inadvertent exposure of sensitive identifiers.
4. Educate users about the risks of sharing knowledge base or file links publicly or in unsecured channels.
5. If upgrading immediately is not feasible, consider restricting access to the vulnerable API endpoints via network controls or application-layer firewalls to limit exposure.
6. Conduct regular security assessments and penetration testing focused on authorization mechanisms within collaboration platforms.
7. Monitor for unusual deletion activity or access patterns that could indicate exploitation attempts.
8. Maintain an inventory of all LobeChat deployments and versions across the organization to ensure timely patch management.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Denmark, Belgium, Ireland
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-01-13T18:22:43.980Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 696e7feca027839b3dc01196
Added to database: 1/19/2026, 7:03:08 PM
Last enriched: 1/19/2026, 7:03:53 PM
Last updated: 1/19/2026, 8:09:54 PM