CVE-2026-6606

🗓️ 20 Apr 2026 04:45:11Reported by VulDBType

CVE-2026-6606 in modelscope Agentscope allows server-side request forgery via audio block processing.

Reporter	Title	Published	Views	Family All 13
ATTACKERKB	CVE-2026-6606	20 Apr 202604:45	–	attackerkb
Circl	CVE-2026-6606	20 Apr 202607:15	–	circl
CNNVD	AgentScope 安全漏洞	20 Apr 202600:00	–	cnnvd
Cvelist	CVE-2026-6606 modelscope agentscope _agent_base.py _process_audio_block server-side request forgery	20 Apr 202604:45	–	cvelist
EUVD	EUVD-2026-23777	20 Apr 202606:31	–	euvd
Github Security Blog	AgentScope vulnerable to Server-Side Request Forgery	20 Apr 202606:31	–	github
NVD	CVE-2026-6606	20 Apr 202605:16	–	nvd
OSV	GHSA-CRX8-WPV6-JRJ2 AgentScope vulnerable to Server-Side Request Forgery	20 Apr 202606:31	–	osv
Positive Technologies	PT-2026-33712	20 Apr 202600:00	–	ptsecurity
Snyk	Server-side Request Forgery (SSRF)	20 Apr 202606:14	–	snyk

Vulners

Node

modelscope agentscopeMatch1.0.0

modelscope agentscopeMatch1.0.1

modelscope agentscopeMatch1.0.2

modelscope agentscopeMatch1.0.3

modelscope agentscopeMatch1.0.4

modelscope agentscopeMatch1.0.5

modelscope agentscopeMatch1.0.6

modelscope agentscopeMatch1.0.7

modelscope agentscopeMatch1.0.8

modelscope agentscopeMatch1.0.9

modelscope agentscopeMatch1.0.10

modelscope agentscopeMatch1.0.11

modelscope agentscopeMatch1.0.12

modelscope agentscopeMatch1.0.13

modelscope agentscopeMatch1.0.14

modelscope agentscopeMatch1.0.15

modelscope agentscopeMatch1.0.16

modelscope agentscopeMatch1.0.17

modelscope agentscopeMatch1.0.18

[
  {
    "vendor": "modelscope",
    "product": "agentscope",
    "versions": [
      {
        "version": "1.0.0",
        "status": "affected"
      },
      {
        "version": "1.0.1",
        "status": "affected"
      },
      {
        "version": "1.0.2",
        "status": "affected"
      },
      {
        "version": "1.0.3",
        "status": "affected"
      },
      {
        "version": "1.0.4",
        "status": "affected"
      },
      {
        "version": "1.0.5",
        "status": "affected"
      },
      {
        "version": "1.0.6",
        "status": "affected"
      },
      {
        "version": "1.0.7",
        "status": "affected"
      },
      {
        "version": "1.0.8",
        "status": "affected"
      },
      {
        "version": "1.0.9",
        "status": "affected"
      },
      {
        "version": "1.0.10",
        "status": "affected"
      },
      {
        "version": "1.0.11",
        "status": "affected"
      },
      {
        "version": "1.0.12",
        "status": "affected"
      },
      {
        "version": "1.0.13",
        "status": "affected"
      },
      {
        "version": "1.0.14",
        "status": "affected"
      },
      {
        "version": "1.0.15",
        "status": "affected"
      },
      {
        "version": "1.0.16",
        "status": "affected"
      },
      {
        "version": "1.0.17",
        "status": "affected"
      },
      {
        "version": "1.0.18",
        "status": "affected"
      }
    ],
    "cpes": [
      "cpe:2.3:a:modelscope:agentscope:*:*:*:*:*:*:*:*"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/submit/792226
vuldb	www.vuldb.com/vuln/358241/cti
vuldb	www.vuldb.com/vuln/358241
gist	www.gist.github.com/YLChen-007/4e589eec07446726612dc416a7d80820

29 Apr 2026 01:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 46.9

CVSS 3.17.3

CVSS 27.5

CVSS 37.3

EPSS0.00054

SSVC

CWE-918