{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40525", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-13T20:29:02.810Z", "datePublished": "2026-04-17T18:19:12.315Z", "dateUpdated": "2026-04-17T18:19:12.315Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-17T18:19:12.315Z"}, "title": "OpenViking Authentication Bypass via VikingBot OpenAPI", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-636", "description": "CWE-636 Not Failing Securely ('Fail Open')", "type": "CWE"}]}], "affected": [{"vendor": "volcengine", "product": "OpenViking", "repo": "https://github.com/volcengine/OpenViking", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "0.3.8", "versionType": "semver"}, {"status": "unaffected", "version": "c7bb1676f4d037609f041bf39e4e2bd52e8f9820", "versionType": "git"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "OpenViking prior to commit\u00a0c7bb167 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fails open when the api_key configuration value is unset or empty. Remote attackers with network access to the exposed service can invoke privileged bot-control functionality without providing a valid X-API-Key header, including submitting attacker-controlled prompts, creating or using bot sessions, and accessing downstream tools, integrations, secrets, or data accessible to the bot.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "OpenViking prior to commit&nbsp;c7bb167 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fails open when the api_key configuration value is unset or empty. Remote attackers with network access to the exposed service can invoke privileged bot-control functionality without providing a valid X-API-Key header, including submitting attacker-controlled prompts, creating or using bot sessions, and accessing downstream tools, integrations, secrets, or data accessible to the bot.<br>"}]}], "references": [{"url": "https://github.com/volcengine/OpenViking/pull/1447", "tags": ["issue-tracking"]}, {"url": "https://github.com/volcengine/OpenViking/commit/c7bb1676f4d037609f041bf39e4e2bd52e8f9820", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/openviking-authentication-bypass-via-vikingbot-openapi", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "CRITICAL", "baseScore": 9.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseSeverity": "CRITICAL", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}}], "credits": [{"lang": "en", "value": "Chia Min Jun Lennon", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OpenViking prior to commit\u00a0c7bb167 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fails open when the api_key configuration value is unset or empty. Remote attackers with network access to the exposed service can invoke privileged bot-control functionality without providing a valid X-API-Key header, including submitting attacker-controlled prompts, creating or using bot sessions, and accessing downstream tools, integrations, secrets, or data accessible to the bot."}], "id": "CVE-2026-40525", "lastModified": "2026-04-17T19:16:39.017", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-17T19:16:39.017", "references": [{"source": "disclosure@vulncheck.com", "url": "https://github.com/volcengine/OpenViking/commit/c7bb1676f4d037609f041bf39e4e2bd52e8f9820"}, {"source": "disclosure@vulncheck.com", "url": "https://github.com/volcengine/OpenViking/pull/1447"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/openviking-authentication-bypass-via-vikingbot-openapi"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-636"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,0.3.8]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "code_commit", "value": "c7bb1676f4d037609f041bf39e4e2bd52e8f9820"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenViking", "source": "cna", "vendor": "volcengine"}, "product": "openviking", "vendor": "volcengine"}], "analysis": {"en": {"generated_at": "2026-04-18T09:11:32.471397+00:00", "value": {"mitigation_remediation": ["Upgrade OpenViking to a version that includes the commit c7bb1676 which enforces the api_key presence", "Configure a non\u2011empty api_key value in the OpenViking settings to enable authentication enforcement", "Restrict network access to the VikingBot OpenAPI endpoints using firewall rules or network segmentation"], "summary": {"action": "Patch", "impact": "Remote Authentication Bypass allowing unauthorized bot control"}, "threat_synthesis": {"affected_systems": "The vulnerability affects OpenViking deployments by Volcengine that use any version released before the commit c7bb1676. The exposed HTTP routes of the VikingBot OpenAPI allow unrestricted access to bot functionalities and any downstream tools, integrations, secrets, or data the bot can reach.", "description_and_impact": "OpenViking prior to commit c7bb1676 contains a flaw where the authentication check in the VikingBot OpenAPI HTTP route fails when the api_key configuration value is unset or empty. This absence of authentication corresponds to CWE\u2011636 and permits any user to invoke privileged bot\u2011control endpoints without supplying a valid X\u2011API\u2011Key header.", "risk_and_exploitability": "The CVSS score of 9.1 indicates high severity. While an EPSS score is not available, the lack of a blocking check makes exploitation straightforward for attackers with network reach to the exposed service. Because the vulnerability is listed as not inside the CISA KEV catalog and no known exploits are publicly disclosed yet, the likelihood of immediate exploitation is uncertain, but the potential impact of unauthorized bot actions remains high. Attackers would likely target the open route via standard HTTP requests, bypassing authentication entirely."}}}}, "created": "2026-04-17T20:00:08.718928+00:00", "updated": "2026-04-18T09:15:15.969655+00:00", "vendors": ["volcengine", "volcengine$PRODUCT$openviking"]}