CVE-2026-22219

CVE Database · CVE-2026-22219

CVE-2026-22219

· HIGHAnalyzed

CVSS v3.1

7.7

CVSS v4.0

8.3

EPSS

4.44%

Published

Jan 19, 2026

Modified

Feb 2, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Chainlit versions prior to 2.9.4 contain a server-side request forgery (SSRF) vulnerability in the /project/element update flow when configured with the SQLAlchemy data layer backend. An authenticated client can provide a user-controlled url value in an Element, which is fetched by the SQLAlchemy element creation logic using an outbound HTTP GET request. This allows an attacker to make arbitrary HTTP requests from the Chainlit server to internal network services or cloud metadata endpoints and store the retrieved responses via the configured storage provider.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Weaknesses (CWE)

CWE-918

Affected Products (1)

chainlit · chainlit (up to 2.9.4)vulnerable

References (3)

https://github.com/Chainlit/chainlit/releases/tag/2.9.4

ProductRelease Notes

https://www.vulncheck.com/advisories/chainlit-sqlalchemy-data-layer-ssrf-via-project-element

Third Party Advisory

https://www.zafran.io/resources/chainleak-critical-ai-framework-vulnerabilities-expose-data-enable-cloud-takeover

ExploitMitigationThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs