Tencent WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Versions before 0.2.12 contain a broken access control vulnerability (CWE-284) in the database query tool that enables any authenticated tenant to read sensitive data belonging to other tenants. This occurs because the application fails to enforce proper tenant isolation on critical tables such as models, messages, and embeddings. As a result, an attacker with legitimate user-level credentials can bypass restrictions and access API keys, model configurations, and private messages of other tenants. The vulnerability does not require user interaction beyond authentication and does not impact data integrity or availability. The CVSS v3.1 base score is 5.3, reflecting a medium severity due to network exploitability, required privileges, and high confidentiality impact. Tencent addressed this issue in WeKnora version 0.2.12 by implementing proper access controls and tenant isolation mechanisms on the affected database tables.

This vulnerability exposes sensitive tenant data to unauthorized users within the same WeKnora deployment, leading to potential leakage of API keys, proprietary model configurations, and private communications. Such data exposure can facilitate further attacks, including unauthorized API usage, intellectual property theft, and privacy violations. Organizations relying on WeKnora for document understanding and semantic retrieval risk compromise of confidential information, undermining trust and potentially violating data protection regulations. Although the vulnerability does not affect data integrity or availability, the confidentiality breach alone can have significant reputational and operational consequences. Multi-tenant deployments are particularly at risk, as cross-tenant data leakage violates fundamental security principles and compliance requirements.

Organizations should immediately upgrade Tencent WeKnora to version 0.2.12 or later, where the vulnerability is patched. Until upgrading, restrict access to the database query tool to trusted administrators and monitor tenant activities for anomalous access patterns. Implement network segmentation and strong authentication controls to limit exposure. Review and audit tenant isolation configurations to ensure proper enforcement of access controls on all critical tables, including models, messages, and embeddings. Employ logging and alerting mechanisms to detect unauthorized cross-tenant data access attempts. Additionally, conduct regular security assessments and penetration testing focused on multi-tenant isolation to identify similar weaknesses proactively. Finally, educate users about the importance of safeguarding credentials to prevent exploitation by malicious insiders or compromised accounts.