BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

ChainLeak in Chainlit exposes cloud API keys, enables SSRFs.

Chainlit “ChainLeak” vulnerabilities expose secrets and enable SSRF — update to v2.9.4 immediately

  • Chainlit contained two high-severity flaws that can leak files and enable SSRF from the server.
  • Attackers could extract cloud API keys, database files, or internal metadata to move laterally inside networks.
  • Patches were released in version 2.9.4; affected deployments should update immediately.

Chainlit, an open-source framework for chatbots, had two serious vulnerabilities that can expose secrets and enable server-side request forgery. Researchers at Zafran Security disclosed the issues after responsible disclosure on November 23, 2025; fixes appeared in version 2.9.4 on December 24, 2025. The package has seen heavy use, with the project page showing wide adoption and downloads; the package was downloaded over 220,000 times in one week and totals millions of downloads, per public stats.

- Advertisement -

Zafran labeled the flaws ChainLeak. One issue, CVE-2026-22218 (CVSS 7.1), allows authenticated attackers to read arbitrary files via the "/project/element" update flow when user-controller fields lack validation. The other, CVE-2026-22219 (CVSS 8.3), is an SSRF in the same flow when Chainlit uses an SQLAlchemy data layer backend.

Zafran researchers warned of combined impact. "The two Chainlit vulnerabilities can be combined in multiple ways to leak sensitive data, escalate privileges, and move laterally within the system," they said. Attackers could read files such as "/proc/self/environ" to recover API keys and credentials, or exfiltrate SQLite database files when SQLAlchemy uses an SQLite backend.

The disclosure also referenced another AI server flaw. Security firm Microsoft-markitdown-vulnerabilities”>BlueRock reported a vulnerability in Microsoft MarkItDown MCP that allows arbitrary URI calls. "This vulnerability allows an attacker to execute the Markitdown MCP tool convert_to_markdown to call an arbitrary uniform resource identifier (URI)," BlueRock said, adding that metadata queries can reveal AWS instance credentials.

Operators should update affected Chainlit installs to the patched release and follow secure deployment practices described in the project documentation at Chainlit docs and in vendor advisories. More technical details and mitigation guidance are available in the linked advisories and CVE entries.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Saylor’s ‘Orange Dots’ Signal Fails to Clarify Bitcoin Strategy

Strategy founder Michael Saylor posted a cryptic signal on Sunday, prompting analysts to call...

Crypto’s $2T Crash Awaits BlackRock Shock & FOMO

Bitcoin has stabilized near $60,000 after a downturn erased $2 trillion from the crypto...

Cambridge: Ethereum Energy Intensity Low, Overall Use High

Ethereum consumes roughly 7.87 GWh annually, the second-lowest energy intensity per market value among...

Saylor and Back oppose BIP-110 fork over Bitcoin security fears

Michael Saylor and Adam Back have publicly opposed BIP-110, a temporary Bitcoin fork proposal...

China, India groups target Pakistani police in cyber espionage

Suspected China- and India-aligned threat actors targeted Pakistani law enforcement in a sustained cyber...

Must Read

Crypto in New York: The 2026 Guide to Legal Exchanges and BitLicense Regulations

TL;DR: Trading crypto in New York is legal but heavily regulated by the New York Department of Financial Services (NYDFS). Platforms must hold a BitLicense...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading