Lucene search
+L

54 matches found

CVE
CVE
added 4 days ago12 views

CVE-2026-15628

The CVE-2026-15628 affects zhayujie chatgpt-on-wechat CowAgent ≤ 2.1.1, specifically the Vision Tool’s Vision._download_to_data_url function. A manipulation of the image argument enables server-side request forgery, allowing remote initiation of attacks. Exploitation is supported by public disclo...

6.5CVSS6.3AI score0.00219EPSS
Exploits0References8
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43617

A security flaw has been discovered in zhayujie chatgpt-on-wechat CowAgent up to 2.1.1. This issue affects the function Vision.downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Performing a manipulation of the argument image results in server-side request...

6.5CVSS6.3AI score0.00219EPSS
Exploits0References8
NVD
NVD
added 2026/07/10 5:16 a.m.10 views

CVE-2026-15332

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

6.5CVSS0.00209EPSS
Exploits0References6
NVD
NVD
added 2026/07/10 5:16 a.m.10 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS0.00352EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/07/10 4:45 a.m.30 views

CVE-2026-15332 zhayujie CowAgent Message Endpoint channel.py authorization

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

6.5CVSS0.00209EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:45 a.m.6 views

CVE-2026-15332

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/07/10 4:45 a.m.8 views

EUVD-2026-42809

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
OSV
OSV
added 2026/07/10 4:45 a.m.2 views

CVE-2026-15332 zhayujie CowAgent Message Endpoint channel.py authorization

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

5.3CVSS6.3AI score0.00209EPSS
Exploits0References8
CVE
CVE
added 2026/07/10 4:45 a.m.13 views

CVE-2026-15332

Technical details about CVE-2026-15332 are not publicly available in the provided documents; monitor for updates.

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
NVD
NVD
added 2026/07/10 4:17 a.m.7 views

CVE-2026-15329

A vulnerability was found in zhayujie CowAgent up to 2.1.0. This issue affects the function BrowserTool.donavigate of the file agent/tools/browser/browsertool.py of the component Browser Tool. Performing a manipulation results in information disclosure. The attack can be initiated remotely. The...

5.3CVSS0.00241EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/10 4:15 a.m.7 views

EUVD-2026-42789

A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function addurl/addpackage of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated...

5.5CVSS5.7AI score0.00378EPSS
Exploits0References9
CVE
CVE
added 2026/07/10 4:15 a.m.7 views

CVE-2026-15331

The CVE-2026-15331 vulnerability affects zhayujie CowAgent up to 2.1.0. The issue resides in the Skill Installation Handler’s component, specifically the _add_url/_add_package functions in agent/skills/service.py, where manipulation of the Name argument enables path traversal. A remote attack is ...

5.5CVSS5.7AI score0.00378EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/07/10 4:15 a.m.33 views

CVE-2026-15331 zhayujie CowAgent Skill Installation service.py _add_package path traversal

A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function addurl/addpackage of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated...

5.5CVSS0.00378EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:15 a.m.7 views

CVE-2026-15331

A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function addurl/addpackage of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated...

5.5CVSS5.7AI score0.00378EPSS
Exploits0References10Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:0 a.m.7 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/07/10 4:0 a.m.34 views

CVE-2026-15330 zhayujie CowAgent Vision Tool vision.py _download_to_data_url server-side request forgery

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS0.00352EPSS
Exploits0References9
OSV
OSV
added 2026/07/10 4:0 a.m.4 views

CVE-2026-15330 zhayujie CowAgent Vision Tool vision.py _download_to_data_url server-side request forgery

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

6.9CVSS6.5AI score0.00352EPSS
Exploits0References11
EUVD
EUVD
added 2026/07/10 4:0 a.m.7 views

EUVD-2026-42788

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/07/10 3:30 a.m.39 views

CVE-2026-15329 zhayujie CowAgent Browser Tool browser_tool.py BrowserTool._do_navigate information disclosure

A vulnerability was found in zhayujie CowAgent up to 2.1.0. This issue affects the function BrowserTool.donavigate of the file agent/tools/browser/browsertool.py of the component Browser Tool. Performing a manipulation results in information disclosure. The attack can be initiated remotely. The...

5.3CVSS0.00241EPSS
Exploits0References7
CVE
CVE
added 2026/07/10 3:30 a.m.12 views

CVE-2026-15329

Vulnerability CVE-2026-15329 affects zhayujie CowAgent up to version 2.1.0, specifically the Browser Tool component and its BrowserTool._do_navigate function (file agent/tools/browser/browser_tool.py). The issue is information disclosure caused by a manipulation of that function. Exploitation is ...

5.3CVSS5.6AI score0.00241EPSS
Exploits0References7
Rows per page
Query Builder