CVE-2025-56527

HIGH

Kotaemon < 0.11.0 - Plaintext Password Storage in LocalStorage


Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-56527. The PoC was published by HanTul.

AI-analyzed exploit summary: This repository provides a detailed technical analysis of CVE-2025-56526 (Stored XSS via PDF content) and CVE-2025-56527 (plaintext credential storage in localStorage) in Kotaemon <= 0.11.0. It includes root cause analysis, affected code paths, proof-of-concept payloads, and mitigation recommendations.

Description

Kotaemon 0.11.0 stores the user's password in plaintext in the browser's localStorage on the client side.

Exploits (1)

GitHub writeup · 1 star
by HanTul · PoC
https://github.com/HanTul/Kotaemon-CVE-2025-56526-56527-disclosure


Classification
Writeup 100%
Attack Type
XSS
Complexity
Moderate
Reliability
Reliable
Target: Kotaemon <= 0.11.0
Auth required
Prerequisites: Authenticated user with document upload permissions · Malicious PDF with embedded JavaScript payload
devstral-2 · analyzed May 17, 2026

Scores

CVSS v3 7.5
EPSS 0.0036
EPSS Percentile 27.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-256
Status published
Products (1)
cinnamon/kotaemon < 0.11.0
Published Nov 18, 2025
Tracked Since Feb 18, 2026