9 matches found
CVE-2026-3693
A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function getuserinfo/updateuserinfo of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument userid causes improper control of resource identifiers. It i...
EUVD-2026-10201
A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function getuserinfo/updateuserinfo of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument userid causes improper control of resource identifiers. It i...
CVE-2026-3693
A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function getuserinfo/updateuserinfo of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument userid causes improper control of resource identifiers. It i...
CVE-2026-3693 Shy2593666979 AgentChat User Endpoint user.py update_user_info resource injection
A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function getuserinfo/updateuserinfo of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument userid causes improper control of resource identifiers. It i...
CVE-2026-3693
A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function getuserinfo/updateuserinfo of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument userid causes improper control of resource identifiers. It i...
CVE-2026-3693 Shy2593666979 AgentChat User Endpoint user.py update_user_info resource injection
A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function getuserinfo/updateuserinfo of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument userid causes improper control of resource identifiers. It i...
CVE-2026-3693
Shy2593666979 AgentChat (up to 2.3.0) contains a vulnerability in the User Endpoint: get_user_info/update_user_info in /src/backend/agentchat/api/v1/user.py, where manipulating the argument user_id causes improper control of resource identifiers. The issue can be exploited remotely and an exploit...
PT-2026-23894
Name of the Vulnerable Software and Affected Versions Shy2593666979 AgentChat versions prior to 2.3.1 Description A flaw exists in Shy2593666979 AgentChat related to improper control of resource identifiers. The issue resides within the get user info/update user info function located in the...
AgentChat 安全漏洞
AgentChat is a multi-agent collaborative dialogue system based on large language models, developed by Shy2593663669. Versions of AgentChat 2.3.0 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect handling of the parameter userid in the functions getuserinfo an...