cvedb.io
CVE-2026-0612
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2026-01-16T13:16:11.677 · Last modified 2026-06-17T10:11:04.910

Summary

The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions of TheLibrarian.

Affected products

thelibrarian — the_librarian

Does this affect you?

Add your gear to cvedb and we'll alert you only when thelibrarian ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.