4 matches found
CVE-2026-6819
HKUDS OpenHarness prior to PR 156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and activation state,...
CVE-2026-6819 HKUDS OpenHarness Plugin Management Command Exposure
HKUDS OpenHarness prior to PR 156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and activation state,...
CVE-2026-6819
The CVE-2026-6819 issue affects HKUDS OpenHarness where the OpenHarness plugin management surface is exposed by default. Specifically, the vulnerability stems from exposing plugin lifecycle commands such as /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders, a...
PT-2026-34065
HKUDS OpenHarness prior to PR 156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and activation state,...