A vulnerability was found in Kimi AI 1.0 . It has been rated as problematic . This issue affects some unknown processing of the component Web Interface . The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-39107 . The attack is possible to be carried out remotely. No exploit exists.