CVE-2025-69207

EUVD-2025-206746

02.02.2026, 23:16

Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was initiated by that user, allowing attackers to replace victims' Notion configurations with their own, resulting in data poisoning and unauthorized access to the victim's Khoj search index. This attack requires knowing the user's UUID which can be leaked through shared conversations where an AI generated image is present. This vulnerability is fixed in 2.0.0-beta.23.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.4 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
khoj	khoj	𝑥 < 2.0.0
khoj	khoj	2.0.0:beta1
khoj	khoj	2.0.0:beta10
khoj	khoj	2.0.0:beta11
khoj	khoj	2.0.0:beta12
khoj	khoj	2.0.0:beta13
khoj	khoj	2.0.0:beta14
khoj	khoj	2.0.0:beta15
khoj	khoj	2.0.0:beta16
khoj	khoj	2.0.0:beta17
khoj	khoj	2.0.0:beta18
khoj	khoj	2.0.0:beta19
khoj	khoj	2.0.0:beta2
khoj	khoj	2.0.0:beta20
khoj	khoj	2.0.0:beta21
khoj	khoj	2.0.0:beta22

𝑥

= Vulnerable software versions

Known Exploits!

https://github.com/khoj-ai/khoj/security/advisories/GHSA-6whj-7qmg-86qj

Common Weakness Enumeration

CWE-639 - Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References

https://github.com/khoj-ai/khoj/commit/1b7ccd141d47f365edeccc57d7316cb0913d748b

https://github.com/khoj-ai/khoj/releases/tag/2.0.0-beta.23

https://github.com/khoj-ai/khoj/security/advisories/GHSA-6whj-7qmg-86qj