3 matches found
CVE-2026-14714
CVE-2026-14714 affects zhayujie CowAgent 2.1.0's wx Endpoint (component wx) via verify_server in channel/wechatmp/common.py. An attacker can manipulate the wechatmp_token to bypass authentication, with remote exploitability and a public PoC. The issue is fixed in 2.1.1; patch name is 3d7c68bac6ee...
CVE-2026-14714
A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.1.0. This issue affects the function verifyserver of the file channel/wechatmp/common.py of the component wx Endpoint. This manipulation of the argument wechatmptoken causes missing authentication. The attack may be initiated...
EUVD-2026-41729
A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.1.0. This issue affects the function verifyserver of the file channel/wechatmp/common.py of the component wx Endpoint. This manipulation of the argument wechatmptoken causes missing authentication. The attack may be initiated...