Tencent WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval, supporting multi-tenant environments. Prior to version 0.3.0, WeKnora contained an authorization bypass vulnerability (CVE-2026-30857) classified under CWE-639 (Authorization Bypass Through User-Controlled Key). This vulnerability exists in the knowledge base copy endpoint, which allows authenticated users to duplicate knowledge bases belonging to other tenants by supplying or guessing the source knowledge base ID. Since the system does not properly verify tenant ownership of the source knowledge base, attackers with low privileges can perform cross-tenant cloning of knowledge bases, resulting in unauthorized access to potentially sensitive document and FAQ content. The vulnerability has a CVSS 3.1 base score of 5.3 (medium severity), reflecting network attack vector, high attack complexity, low privileges required, no user interaction, and a significant confidentiality impact without affecting integrity or availability. No known exploits are reported in the wild as of the publication date. The issue was addressed and patched in WeKnora version 0.3.0 by enforcing proper authorization checks on the knowledge base copy operation to ensure tenant isolation.

The primary impact of this vulnerability is the unauthorized disclosure of sensitive information across tenants in multi-tenant deployments of WeKnora. Attackers can exfiltrate large volumes of documents and FAQ content belonging to other tenants, potentially exposing confidential business data, intellectual property, or personally identifiable information. This breach of confidentiality can lead to reputational damage, regulatory compliance violations (e.g., GDPR, HIPAA), and financial losses. Since the vulnerability does not affect data integrity or availability, the risk is limited to data leakage. However, the ease of exploitation by any authenticated user with low privileges increases the threat surface, especially in environments with many tenants and users. Organizations relying on WeKnora for knowledge management and semantic retrieval must consider the risk of insider threats or compromised accounts being leveraged to exploit this flaw.

To mitigate this vulnerability, organizations should immediately upgrade WeKnora to version 0.3.0 or later, where the authorization bypass has been fixed. Until upgrading is possible, implement strict access controls and monitoring on the knowledge base copy endpoint to detect and block unauthorized cloning attempts. Employ rate limiting and anomaly detection to identify suspicious enumeration of knowledge base IDs. Enforce strong tenant isolation policies and audit logs to track access and copying activities. Additionally, restrict authentication to trusted users and consider multi-factor authentication to reduce the risk of compromised credentials being used for exploitation. Regularly review and update permissions to ensure users have the minimum necessary privileges. Finally, conduct security assessments and penetration testing focused on multi-tenant authorization controls to detect similar weaknesses.