CVE-2026-57205
SimpleChat: Authenticated users can access other users' profile metadata through user IDOR endpoints
CVSS Score
4.3
EPSS Score
0.0%
EPSS Percentile
0th
SimpleChat is a secure AI conversation application with personal and group workspaces for document-grounded interactions. Prior to 0.241.203, the authenticated GET /api/user/info/<user_id> and GET /api/user/profile-image/<user_id> endpoints in application/single_app/route_backend_users.py accepted a caller-supplied user_id and read the matching Cosmos DB user-settings document without object-level authorization, allowing a low-privilege authenticated user to retrieve another user's email address, display name, and profile image. This issue is fixed in version 0.241.203.
| CWE | CWE-200 CWE-639 CWE-862 |
| Vendor | microsoft |
| Product | simplechat |
| Ecosystems | |
| Industries | TechnologyEnterprise |
| Published | Jul 16, 2026 |
| Last Updated | Jul 16, 2026 |
Stay Ahead of the Next One
Get instant alerts for microsoft simplechat
Be the first to know when new medium vulnerabilities affecting microsoft simplechat are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Affected Versions
microsoft / simplechat
< 0.241.203