Lucene search
K

15 matches found

NVD
NVD
added yesterday8 views

CVE-2026-15628

A security flaw has been discovered in zhayujie chatgpt-on-wechat CowAgent up to 2.1.1. This issue affects the function Vision.downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Performing a manipulation of the argument image results in server-side request...

6.5CVSS0.00219EPSS
Exploits0References8
CVE
CVE
added yesterday11 views

CVE-2026-15628

The CVE-2026-15628 affects zhayujie chatgpt-on-wechat CowAgent ≤ 2.1.1, specifically the Vision Tool’s Vision._download_to_data_url function. A manipulation of the image argument enables server-side request forgery, allowing remote initiation of attacks. Exploitation is supported by public disclo...

6.5CVSS6.3AI score0.00219EPSS
Exploits0References8
EUVD
EUVD
added yesterday5 views

EUVD-2026-43617

A security flaw has been discovered in zhayujie chatgpt-on-wechat CowAgent up to 2.1.1. This issue affects the function Vision.downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Performing a manipulation of the argument image results in server-side request...

6.5CVSS6.3AI score0.00219EPSS
Exploits0References8
NVD
NVD
added 5 days ago9 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS0.00352EPSS
Exploits0References9
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-15330 zhayujie CowAgent Vision Tool vision.py _download_to_data_url server-side request forgery

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS0.00352EPSS
Exploits0References9
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42788

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9Affected Software1
CVE
CVE
added 5 days ago10 views

CVE-2026-15330

CVE-2026-15330 affects zhayujie CowAgent — Vision Tool, specifically the file vision.py, function _build_image_content/_download_to_data_url. The vulnerability arises from manipulating the input image argument, enabling remote SSRF via the Vision Tool component. Attacker could trigger remotely; e...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.6 views

CVAT.ai CVAT 安全漏洞

CVAT.ai CVAT is an open source data processing tool from CVAT.ai. A security vulnerability exists in CVAT.ai CVAT versions 2.8.1 through 2.52.0 that originates from an attacker being able to retrieve the contents of any file system directory accessible by the CVAT server, potentially leading to a...

5.3CVSS6.4AI score0.0024EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-42258

Malicious code in bioql PyPI...

6.3CVSS6.6AI score0.00293EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-42257

Malicious code in bioql PyPI...

6.2CVSS6.6AI score0.00283EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-41455

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00242EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/28 12:0 a.m.6 views

Computer Vision Annotation Tool 代码问题漏洞

Computer Vision Annotation Tool CVAT is a cvat.ai open source interactive video and image annotation tool for computer vision. A code issue vulnerability exists in Computer Vision Annotation Tool that originates when running certain types of serverless functions, which could allow an attacker to...

9.8CVSS7AI score0.00483EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/28 12:0 a.m.5 views

PT-2025-4790 · Nuclio +1 · Nuclio +1

Name of the Vulnerable Software and Affected Versions: Computer Vision Annotation Tool CVAT versions prior to 2.26.0 Description: The issue allows an attacker with an account on an affected CVAT instance to run arbitrary code in the context of the Nuclio function container. This affects CVAT...

8.7CVSS7.5AI score0.00483EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.5 views

CVAT Security Vulnerabilities

CVAT is an interactive video and image annotation tool for computer vision. A security vulnerability exists in CVAT version 2.2.0 through versions prior to 2.14.3. An attacker exploiting this vulnerability could obtain media files, annotations, settings, and other information from any project,...

7.1CVSS6.5AI score0.00206EPSS
Exploits0References3
Rows per page
Query Builder