Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.9 views

CVE-2026-43993

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in 0.x.y-security-1...

8.2CVSS5.8AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:29 p.m.19 views

CVE-2026-43993

CVE-2026-43993 : In JunoClaw’s WAVS bridge, the function computeDataVerify fetched agent-supplied URLs without validating the URL scheme, port, or resolved IP, enabling an SSRF vulnerability. Affected version range is prior to 0.x.y-security-1 . This could allow access to cloud-metadata and inter...

8.2CVSS5.8AI score0.0023EPSS
Exploits0References3
OSV
OSV
added 2026/05/12 4:29 p.m.4 views

CVE-2026-43993 JunoClaw: SSRF in WAVS computeDataVerify allows cloud-metadata and internal-service access

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in 0.x.y-security-1...

8.2CVSS6AI score0.0023EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

JunoClaw 代码问题漏洞

JunoClaw is a decentralized AI proxy platform developed by Dragonmonk111. Versions of JunoClaw prior to 0.x.y-security-1 contained code vulnerabilities. These vulnerabilities stemmed from the computeDataVerify function in the WAVS bridge, which did not validate the protocol, port, or parse the IP...

8.2CVSS5.9AI score0.0023EPSS
Exploits0References2
Rows per page
Query Builder