CVE-2026-36719
09.06.2026, 19:17
An information disclosure vulnerability in the /api/v1/user/info endpoint of AgentChat v2.3.0 allows unauthenticated attackers to obtain sensitive information, including SHA256 password hashes, via enumerating user IDs.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.