CVE-2026-25083 is a vulnerability in GROWI, an open-source collaborative documentation platform developed by GROWI, Inc. The flaw exists in the OpenAI thread/message API endpoints in versions 7.4.5 and earlier, where authorization checks are missing. This means that any authenticated user who knows the identifier of a shared AI assistant can access and potentially tamper with threads and messages belonging to other users. The vulnerability arises because the API does not verify whether the requesting user has permission to view or modify the data associated with the AI assistant's threads. The CVSS 3.0 base score is 8.3, indicating a high severity, with the vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L. This translates to a network attack vector, low attack complexity, requiring privileges (logged-in user), no user interaction, unchanged scope, and high impact on confidentiality and integrity, with low impact on availability. Although no public exploits are currently known, the vulnerability allows unauthorized disclosure and modification of sensitive collaborative content, potentially leading to data leakage, misinformation, or sabotage within teams relying on GROWI's AI assistant features. The lack of authorization checks is a critical design flaw that undermines access control mechanisms in the affected API endpoints.

The vulnerability can lead to unauthorized disclosure of sensitive information contained in AI assistant threads and messages, violating confidentiality. Unauthorized modification of these threads can compromise data integrity, potentially causing misinformation, loss of trust, or operational disruption within organizations. Since GROWI is used for collaborative documentation and knowledge sharing, exploitation could affect business processes, intellectual property, and internal communications. The attack requires only authenticated access, which may be easier to obtain in environments with weak user management or credential reuse. Although availability impact is low, the overall damage to data confidentiality and integrity can be significant, especially in sectors handling sensitive or proprietary information. Organizations worldwide using vulnerable GROWI versions are at risk of insider threats or external attackers leveraging compromised credentials to exploit this flaw.

Organizations should immediately upgrade GROWI to a version later than 7.4.5 where this vulnerability is patched. If an upgrade is not immediately feasible, implement strict access controls on the AI assistant identifiers to prevent unauthorized users from discovering or using them. Audit and monitor API access logs for unusual activity related to thread/message endpoints. Enforce strong authentication and session management policies to reduce the risk of credential compromise. Consider restricting API endpoint access to trusted networks or VPNs. Conduct a thorough review of user permissions and remove unnecessary privileges. Additionally, implement application-layer authorization checks as a compensating control until official patches are applied. Regularly back up critical data to enable recovery in case of tampering.