Lucene search
K

45 matches found

NVD
NVD
added 4 days ago9 views

CVE-2026-15332

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

6.5CVSS0.00209EPSS
Exploits0References6
NVD
NVD
added 4 days ago9 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS0.00352EPSS
Exploits0References9
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-15332 zhayujie CowAgent Message Endpoint channel.py authorization

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

6.5CVSS0.00209EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-15332

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6Affected Software1
CVE
CVE
added 4 days ago9 views

CVE-2026-15332

Technical details about CVE-2026-15332 are not publicly available in the provided documents; monitor for updates.

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42809

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
NVD
NVD
added 4 days ago7 views

CVE-2026-15329

A vulnerability was found in zhayujie CowAgent up to 2.1.0. This issue affects the function BrowserTool.donavigate of the file agent/tools/browser/browsertool.py of the component Browser Tool. Performing a manipulation results in information disclosure. The attack can be initiated remotely. The...

5.3CVSS0.00241EPSS
Exploits0References7
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42789

A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function addurl/addpackage of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated...

5.5CVSS5.7AI score0.00378EPSS
Exploits0References9
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-15331 zhayujie CowAgent Skill Installation service.py _add_package path traversal

A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function addurl/addpackage of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated...

5.5CVSS0.00378EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-15331

A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function addurl/addpackage of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated...

5.5CVSS5.7AI score0.00378EPSS
Exploits0References10Affected Software1
CVE
CVE
added 4 days ago7 views

CVE-2026-15331

The CVE-2026-15331 vulnerability affects zhayujie CowAgent up to 2.1.0. The issue resides in the Skill Installation Handler’s component, specifically the _add_url/_add_package functions in agent/skills/service.py, where manipulation of the Name argument enables path traversal. A remote attack is ...

5.5CVSS5.7AI score0.00378EPSS
Exploits0References9
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-15330 zhayujie CowAgent Vision Tool vision.py _download_to_data_url server-side request forgery

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS0.00352EPSS
Exploits0References9
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42788

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-15329

A vulnerability was found in zhayujie CowAgent up to 2.1.0. This issue affects the function BrowserTool.donavigate of the file agent/tools/browser/browsertool.py of the component Browser Tool. Performing a manipulation results in information disclosure. The attack can be initiated remotely. The...

5.3CVSS5.6AI score0.00241EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42783

A vulnerability was found in zhayujie CowAgent up to 2.1.0. This issue affects the function BrowserTool.donavigate of the file agent/tools/browser/browsertool.py of the component Browser Tool. Performing a manipulation results in information disclosure. The attack can be initiated remotely. The...

5.3CVSS5.6AI score0.00241EPSS
Exploits0References7
CVE
CVE
added 4 days ago10 views

CVE-2026-15329

Vulnerability CVE-2026-15329 affects zhayujie CowAgent up to version 2.1.0, specifically the Browser Tool component and its BrowserTool._do_navigate function (file agent/tools/browser/browser_tool.py). The issue is information disclosure caused by a manipulation of that function. Exploitation is ...

5.3CVSS5.6AI score0.00241EPSS
Exploits0References7
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-15329 zhayujie CowAgent Browser Tool browser_tool.py BrowserTool._do_navigate information disclosure

A vulnerability was found in zhayujie CowAgent up to 2.1.0. This issue affects the function BrowserTool.donavigate of the file agent/tools/browser/browsertool.py of the component Browser Tool. Performing a manipulation results in information disclosure. The attack can be initiated remotely. The...

5.3CVSS0.00241EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/05 5:30 a.m.14 views

EUVD-2026-41729

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.1.0. This issue affects the function verifyserver of the file channel/wechatmp/common.py of the component wx Endpoint. This manipulation of the argument wechatmptoken causes missing authentication. The attack may be initiated...

6.9CVSS6.2AI score0.00453EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/05 5:30 a.m.7 views

CVE-2026-14714

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.1.0. This issue affects the function verifyserver of the file channel/wechatmp/common.py of the component wx Endpoint. This manipulation of the argument wechatmptoken causes missing authentication. The attack may be initiated...

6.9CVSS6.2AI score0.00453EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder