CVE-2025-69207 MEDIUM

CVE-2025-69207: Khoj has an IDOR in Notion OAuth Flow Enables Index Poisoning

Vendor Khoj-Ai
Product khoj
Weakness CWE-639 · IDOR
Published February 2, 2026
Last update February 3, 2026

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was initiated by that user, allowing attackers to replace victims' Notion configurations with their own, resulting in data poisoning and unauthorized access to the victim's Khoj search index. This attack requires knowing the user's UUID which can be leaked through shared conversations where an AI generated image is present. This vulnerability is fixed in 2.0.0-beta.23.

Key dates

02Disclosure timeline

February 2, 2026 CVE published
February 3, 2026 Record updated