Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
chainlit 0.7.700 | Vulnerabilities | Sonatype Guide
pypi
chainlit
0.7.700
chainlit 0.7.700
Published
Nov 28, 2023
•
Policy
compliance
pypi Registry
Developer Trust Score
N/A
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
167
Versions
167
Vulnerabilities
5
Vulnerabilities
5
Dependencies
20
Dependencies
20
Reset filters
Severity
Critical
(0)
High
(0)
Medium
(2)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
6.5
CVE-2026-22218
Chainlit versions prior to 2.9.4 contain an arbitrary file read vulnerability in the /project/element update flow. An authenticated client can send a custom Element with a user-controlled path value, causing the server to copy the referenced file into the attacker’s session. The resulting element identifier (chainlitKey) can then be used to retrieve the file contents via /project/file/<chainlitKey>, allowing disclosure of any file readable by the Chainlit service.
affected
Severity
Medium
Published
Jan 20, 2026
5.3
sonatype-2024-011480
chainlit - Path Traversal
affected
Severity
Medium
Published
Oct 2, 2024
