SkillCyberPunk

Security Vulnerability Scanner A Claude Code plugin that auto...

CVE-2026-6129

A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The...

web-pentest-tool

🛡️ AutoPenTest — Automated Penetration Testing Tool ⚠️ DI...

CVE-2026-6126

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...

CVE-2026-6126 zhayujie chatgpt-on-wechat CowAgent Administrative HTTP Endpoint missing authentication

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...

EUVD-2026-21712

A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function addmcpserver of the file astrbot/dashboard/routes/tools.py of the component MCP Endpoint. This manipulation of the argument command causes command injection. The attack is possible to be carried out...

EUVD-2026-21715

A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function postdata.get of the component API Endpoint. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The exploit is publicly available and might be used...

EUVD-2026-21698

A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.1. This impacts the function decodeimage of the file metagpt/utils/common.py. The manipulation of the argument imgurlorb64 results in server-side request forgery. It is possible to launch the attack remotely. The exploit ha...

OSV-2026-563 UNKNOWN READ in bfd_getl32

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=501547869 Crash type: UNKNOWN READ Crash state: bfdgetl32 m32relflo16reloc bfdperformrelocation...

PT-2026-32149

A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install plugin upload of the file astrbot/dashboard/routes/plugin.py of the component install-upload Endpoint. The manipulation of the argument File results in sandbox issue. The attack can be executed...

PT-2026-32144

Name of the Vulnerable Software and Affected Versions FoundationAgents MetaGPT versions up to 0.8.1 Description A security flaw exists in FoundationAgents MetaGPT versions up to 0.8.1. The decode image function within the metagpt/utils/common.py file is susceptible to server-side request forgery...

PT-2026-32158

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...

PT-2026-32186

Name of the Vulnerable Software and Affected Versions zhatujie chatgpt-on-wechat CowAgent versions up to 2.0.4 Description A flaw exists in the Agent Mode Service component of zhayujie chatgpt-on-wechat CowAgent up to version 2.0.4, allowing for missing authentication. This issue can be exploited...

CVE-2026-5907

creationtimestamp| type| source ---|---|--- 2026-04-11 16:10:06+00:00| seen| Telegram/wpaceAWiHnKeB1QgDBbSEs0CV1Y0qbWjZiA4LmSBc26yhc 2026-04-12 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260413 2026-04-14 15:49:19+00:00| seen|...

CVE-2025-14551

In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs...

EUVD-2026-21340

A vulnerability has been found in code-projects Vehicle Showroom Management System 1.0. The affected element is an unknown function of the file /BranchManagement/ServiceAndSalesReport.php. The manipulation of the argument BRANCHID leads to cross site scripting. Remote exploitation of the attack i...

EUVD-2026-21338

A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /BranchManagement/ProfitAndLossReport.php. Executing a manipulation of the argument BRANCHID can lead to cross site scripting. The attack may be launched remotely. The exploi...

CVE-2026-6034

A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /BranchManagement/ProfitAndLossReport.php. Executing a manipulation of the argument BRANCHID can lead to cross site scripting. The attack may be launched remotely. The exploi...

CVE-2026-6035

A vulnerability has been found in code-projects Vehicle Showroom Management System 1.0. The affected element is an unknown function of the file /BranchManagement/ServiceAndSalesReport.php. The manipulation of the argument BRANCHID leads to cross site scripting. Remote exploitation of the attack i...

CVE-2026-6035 code-projects Vehicle Showroom Management System ServiceAndSalesReport.php cross site scripting

A vulnerability has been found in code-projects Vehicle Showroom Management System 1.0. The affected element is an unknown function of the file /BranchManagement/ServiceAndSalesReport.php. The manipulation of the argument BRANCHID leads to cross site scripting. Remote exploitation of the attack i...