Tencent WeKnora is a large language model (LLM)-powered framework designed to facilitate deep document understanding and semantic retrieval. Versions of WeKnora prior to 0.2.12 suffer from an improper access control vulnerability (CWE-284) identified as CVE-2026-30859. The root cause is a broken tenant isolation mechanism in the database query tool, which fails to enforce strict access controls on critical tables such as models, messages, and embeddings. This flaw allows any authenticated tenant user to read sensitive data belonging to other tenants within the same deployment. Sensitive data exposed includes API keys, model configurations, and private messages, which could be leveraged for further attacks or data breaches. The vulnerability requires user-level authentication but does not require additional user interaction, making it easier to exploit once credentials are obtained. The CVSS 3.1 base score is 5.3, with vector AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N, indicating network attack vector, high attack complexity, low privileges required, no user interaction, unchanged scope, high confidentiality impact, and no impact on integrity or availability. No known exploits have been reported in the wild as of the publication date. Tencent has addressed this issue in WeKnora version 0.2.12 by implementing proper tenant isolation and access control enforcement on the affected database tables. Organizations using multi-tenant WeKnora deployments should upgrade immediately to mitigate risk.

The vulnerability allows unauthorized cross-tenant data access within multi-tenant WeKnora deployments, leading to significant confidentiality breaches. Exposure of API keys can enable attackers to impersonate tenants or escalate privileges, while access to model configurations and private messages can compromise intellectual property and sensitive communications. Although integrity and availability are not directly affected, the confidentiality impact alone can result in regulatory violations, reputational damage, and potential financial losses. Attackers with stolen or legitimate user credentials can exploit this flaw remotely without user interaction, increasing the risk of insider threats or credential compromise leading to lateral movement. Organizations relying on WeKnora for sensitive document processing or semantic retrieval services face heightened risk of data leakage across tenants, undermining trust in the platform. The medium CVSS score reflects the balance between the high confidentiality impact and the requirement for authentication and higher attack complexity. However, in environments with weak credential management, the risk escalates. The lack of known exploits in the wild suggests limited active exploitation but does not preclude targeted attacks or future exploitation once the vulnerability is publicly known.

1. Upgrade all WeKnora deployments to version 0.2.12 or later immediately to apply the official patch that enforces proper tenant isolation and access control. 2. Conduct a thorough audit of tenant access permissions and database queries to ensure no unauthorized cross-tenant data access is possible. 3. Implement strict credential management policies, including multi-factor authentication (MFA) for tenant users, to reduce the risk of credential compromise. 4. Monitor logs for unusual access patterns indicative of cross-tenant data access attempts or privilege escalation. 5. Isolate tenant environments at the infrastructure level where possible to add defense in depth beyond application controls. 6. Review and limit API key permissions and rotate keys regularly to minimize impact if exposed. 7. Educate tenant administrators and users about the risks of credential sharing and phishing attacks that could lead to exploitation. 8. If upgrading immediately is not feasible, consider implementing temporary network segmentation or access control lists to restrict tenant database access. 9. Engage in vulnerability scanning and penetration testing focused on multi-tenant isolation to proactively identify similar issues. 10. Maintain an incident response plan to quickly address any detected data breaches resulting from this vulnerability.