Tencent WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval, used to manage knowledge bases across multiple tenants. Prior to version 0.3.0, WeKnora contained a critical authorization bypass vulnerability (CVE-2026-30857) classified under CWE-639 (Authorization Bypass Through User-Controlled Key). The vulnerability exists in the knowledge base copy endpoint, which allows authenticated users to duplicate knowledge bases. Due to insufficient authorization checks, an attacker with low privileges can specify or guess the source knowledge base ID belonging to another tenant and clone it into their own tenant environment. This flaw enables unauthorized access and bulk exfiltration of sensitive document and FAQ content across tenant boundaries. The vulnerability affects confidentiality but does not impact data integrity or system availability. Exploitation requires network access and authentication but no user interaction. The vulnerability has a CVSS 3.1 base score of 5.3, reflecting medium severity due to the need for authentication and high attack complexity. Tencent has addressed this issue in WeKnora version 0.3.0 by implementing proper authorization validation on the copy endpoint to ensure tenant isolation.

The primary impact of this vulnerability is the unauthorized disclosure of sensitive information stored in knowledge bases across tenants. Organizations using affected versions of WeKnora risk bulk data leakage, which could include proprietary documents, FAQs, or other confidential content. This could lead to competitive disadvantage, intellectual property theft, or exposure of sensitive operational information. Since the vulnerability allows cross-tenant data access, multi-tenant cloud deployments and SaaS providers using WeKnora are particularly at risk. Although the vulnerability does not affect data integrity or availability, the breach of confidentiality can have significant reputational and regulatory consequences, especially for organizations handling sensitive or regulated data. The requirement for authentication limits exposure to insiders or compromised accounts but does not eliminate risk. No known exploits in the wild reduce immediate threat but patching is critical to prevent future attacks.

Organizations should immediately upgrade Tencent WeKnora to version 0.3.0 or later, where the authorization bypass vulnerability has been fixed. Until upgrade is possible, restrict access to the knowledge base copy endpoint to only highly trusted users and monitor logs for unusual copy requests or attempts to access knowledge bases belonging to other tenants. Implement strong authentication and account management policies to reduce the risk of compromised credentials being used to exploit this flaw. Conduct regular audits of tenant data access patterns to detect potential unauthorized cloning activities. Network segmentation and application-layer firewalls can help limit exposure of the vulnerable endpoint. Additionally, consider encrypting sensitive knowledge base content at rest and in transit to reduce impact if exfiltration occurs. Finally, maintain an incident response plan to quickly address any detected data leakage incidents.