CVE-2026-0612_CVE-2026-0612

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions of TheLibrarian.

Basic Information

ID CVE-2026-0612

Source certcc

Published Jan 16, 2026 at 12:44

Modified Jan 16, 2026 at 21:42

Affected Product

Vendor TheLibrarian

Product TheLibrarian.io

Affected Versions TheLibrarian TheLibrarian.io 0

References

{
    "lastseen": "",
    "description": "The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions of TheLibrarian.",
    "published": "2026-01-16T12:44:59.806Z",
    "modified": "2026-01-16T21:42:52.062Z",
    "type": "cve",
    "title": "CVE-2026-0612",
    "source": "certcc",
    "references": "http://mindgard.ai/blog/thelibrarian-ios-ai-security-\nhttps://thelibrarian.io/",
    "id": "CVE-2026-0612",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "TheLibrarian TheLibrarian.io 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TheLibrarian.io",
    "version": "0",
    "vendor": "TheLibrarian",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply