A vulnerability, which was classified as critical , has been found in khoj-ai khoj up to 2.0.0-beta.28 . This impacts an unknown function of the file src/khoj/routers/api_chat.py of the component Conversation Sharing Handler . This manipulation of the argument conversation.agent causes incorrect authorization. This vulnerability is registered as CVE-2026-13508 . Remote exploitation of the attack is possible. Furthermore, an exploit is available. The pull request to fix this issue awaits acceptan