CVE-2026-36719

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Jun 09, 2026

Vendor unknown

Description

An information disclosure vulnerability in the /api/v1/user/info endpoint of AgentChat v2.3.0 allows unauthenticated attackers to obtain sensitive information, including SHA256 password hashes, via enumerating user IDs.

References

https://github.com/CC-T-454455/Vulnerabilities/tree/master/agent-chat/vulnerability-3