CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

RedhatCVE•added 2026/04/15 7:24 p.m.•0 views

CVE-2026-6129

A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The...

7.5CVSS5.5AI score0.00113EPSS

Exploits0References1

EUVD•added 2026/04/12 9:30 p.m.•1 views

EUVD-2026-21744

7.5CVSS5.5AI score0.00113EPSS

Exploits0References6

CVE•added 2026/04/12 7:45 p.m.•6 views

CVE-2026-6129

The CVE-2026-6129 entry concerns zhayujie chatgpt-on-wechat CowAgent up to version 2.0.4. The vulnerability affects the Agent Mode Service component, with root cause described as a manipulation that results in missing authentication. Attack requires no privileges and can be initiated remotely ove...

7.5CVSS6.8AI score0.00113EPSS

Exploits0References5

Cvelist•added 2026/04/12 7:45 p.m.•22 views

CVE-2026-6129 zhayujie chatgpt-on-wechat CowAgent Agent Mode Service missing authentication

7.5CVSS0.00113EPSS

Exploits0References5

Vulnrichment•added 2026/04/12 7:45 p.m.•0 views

CVE-2026-6129 zhayujie chatgpt-on-wechat CowAgent Agent Mode Service missing authentication

7.5CVSS5.5AI score0.00113EPSS

Exploits0References5

CNNVD•added 2026/04/12 12:0 a.m.•1 views

CowAgent 访问控制错误漏洞

CowAgent is an intelligent assistant and scalable agent framework developed by zhayujie’s individual developer. Versions of CowAgent 2.0.4 and earlier contained a security vulnerability related to access control. This vulnerability stemmed from the absence of authentication in the Agent Mode...

7.5CVSS7.2AI score0.00113EPSS

Exploits0References6

Github Security Blog•added 2026/01/27 12:55 a.m.•15 views

Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access

Summary A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agent host by directly targeting their container IDs. Note: Tested on v9.0....

9.9CVSS5.8AI score0.00026EPSS

Exploits1References5Affected Software1

OSV•added 2026/01/27 12:55 a.m.•5 views

GHSA-M855-R557-5RC5 Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access

8.7CVSS5.8AI score0.00026EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-16824

Malware in sbrugna...

5.5CVSS5.8AI score0.00032EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-16237

Malware in sbrugna...

7.8CVSS7.7AI score0.00079EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-16825

Malware in sbrugna...

7.8CVSS7.7AI score0.00028EPSS

Exploits0References3

Github Security Blog•added 2025/08/25 4:1 p.m.•4 views

Safeguarding VS Code against prompt injections

The Copilot Chat extension for VS Code has been evolving rapidly over the past few months, adding a wide range of new features. Its new agent mode lets you use multiple large language models LLMs, built-in tools, and MCP servers to write code, make commit requests, and integrate with external...

7.8AI score

Exploits0

VulnCheck KEV•added 2022/11/03 12:0 a.m.•1 views

VulnCheck KEV: CVE-2017-7199

Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issue...

7.8CVSS7.1AI score0.00079EPSS

Exploits1References1

Kitploit•added 2020/01/09 11:30 a.m.•159 views

Stowaway - Multi-hop Proxy Tool For Pentesters

Stowaway is Multi-hop proxy tool for security researchers and pentesters Users can easily proxy their network traffic to intranet nodes multi-layer PS: The files under demo folder are Stowaway's beta version,it's still functional, you can check the detail by README.md file under the demo folder...

7.6AI score

Exploits0References3

OpenVAS•added 2017/04/20 12:0 a.m.•22 views

Tenable Nessus 6.10.x < 6.10.5 Multiple Vulnerabilities

Tenable Nessus is prone to multiple vulnerabilities when running in agent mode. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS6.5AI score0.00028EPSS

Exploits0References1

OSV•added 2017/04/19 2:59 p.m.•1 views

CVE-2017-7849

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode...

5.5CVSS5.7AI score

Exploits0References2

NVD•added 2017/04/19 2:59 p.m.•13 views

CVE-2017-7849

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode...

5.5CVSS5.3AI score0.00032EPSS

Exploits0References2

OSV•added 2017/04/19 2:59 p.m.•0 views

CVE-2017-7850

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode...

7.8CVSS5.7AI score

Exploits0References2

NVD•added 2017/04/19 2:59 p.m.•10 views

CVE-2017-7850

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode...

7.8CVSS7.7AI score0.00028EPSS

Exploits0References2

Prion•added 2017/04/19 2:59 p.m.•13 views

Design/Logic Flaw

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode...

2.1CVSS5.3AI score0.00032EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by