SecuriTricks - CVE-2026-6608

Description

A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function add_text of the component Arena Side-by-Side View Handler. The manipulation results in incorrect control flow. The attack can be launched remotely. The exploit is now public and may be used. The root cause was fixed in commit 34eca62 for gradio_block_arena_named.py, but three other files were missed.

Product(s) Impacted

Vendor	Product	Versions
Lm-sys	Fastchat	<0.2.36

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-670

Always-Incorrect Control Flow Implementation

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	lm-sys	fastchat	<0.2.36	/	/	/	/	/	/	/

References

https://gist.github.com/YLChen-007/e45039d23e698222d887ee09735d9d36

https://github.com/lm-sys/FastChat/

https://github.com/lm-sys/FastChat/issues/3834

https://vuldb.com/submit/792228

https://vuldb.com/vuln/358243

https://vuldb.com/vuln/358243/cti

CVSS Score

5.5 / 10

CVSS Data - 4.0

Attack Vector: NETWORK
Attack Complexity: LOW
Attack Requirements: NONE
Privileges Required: NONE
User Interaction: NONE
Scope:
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE
Exploit Maturity: PROOF_OF_CONCEPT

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

View Vector String

Timeline

Published: April 20, 2026, 6:16 a.m.
Last Modified: April 20, 2026, 6:16 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

CVE-2026-6608