Login Sign Up

CVE-2026-0612

7.5 HIGH

📋 TL;DR

The Librarian's web_fetch tool contains an information leakage vulnerability that allows attackers to retrieve arbitrary external content and proxy requests through The Librarian infrastructure. This affects all versions of The Librarian software prior to the vendor's fix. Users of The Librarian are vulnerable to data exfiltration and unauthorized request proxying.

💻 Affected Systems

Products:
  • The Librarian
Versions: All versions prior to vendor fix
Operating Systems: iOS, Likely cross-platform given web_fetch functionality
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the web_fetch tool functionality. Specific configuration details are not provided in the CVE description.

📦 What is this software?

The Librarian by Thelibrarian

View all CVEs affecting The Librarian →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could use The Librarian as a proxy to conduct attacks while hiding their origin, exfiltrate sensitive data from internal systems, or perform reconnaissance on internal networks.

🟠

Likely Case

Information leakage where attackers retrieve external content through the vulnerable system, potentially exposing internal network details or sensitive information.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls, though the vulnerability still exists in the software.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability appears to be in a web_fetch tool that retrieves external content, suggesting straightforward exploitation by crafting malicious requests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: All fixed versions according to vendor

Vendor Advisory: https://thelibrarian.io/

Restart Required: Yes

Instructions:

1. Update The Librarian to the latest version. 2. Restart the application/service. 3. Verify the fix is applied.

🔧 Temporary Workarounds

Disable web_fetch functionality

all

Temporarily disable or restrict access to the web_fetch tool until patching is complete.

Configuration specific - consult The Librarian documentation

Network segmentation

all

Restrict The Librarian's network access to only necessary endpoints.

Use firewall rules to limit outbound connections from The Librarian

🧯 If You Can't Patch

  • Implement strict network controls to limit The Librarian's outbound connections
  • Monitor all web_fetch tool usage and log suspicious external requests

🔍 How to Verify

Check if Vulnerable:

Check if web_fetch tool can retrieve arbitrary external URLs without proper validation

Check Version:

Check The Librarian version in application settings or via command line specific to installation

Verify Fix Applied:

Test that web_fetch tool now properly validates and restricts external content retrieval

📡 Detection & Monitoring

Log Indicators:

  • Unusual web_fetch requests to external domains
  • High volume of external content retrieval

Network Indicators:

  • Unexpected outbound connections from The Librarian to external IPs
  • Proxy-like traffic patterns

SIEM Query:

source="thelibrarian" AND (event="web_fetch" OR url_contains="http")

📊 Metadata

CVE ID: CVE-2026-0612
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score: 0.04% exploit probability (12.1th percentile)
Published: January 16, 2026
Last Updated: January 23, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON