Lucene search
K

5 matches found

OSV
OSV
added 2026/03/10 6:28 p.m.5 views

GO-2026-4637 WeKnora has Broken Access Control - Cross-Tenant Data Exposure in github.com/Tencent/WeKnora

WeKnora has Broken Access Control - Cross-Tenant Data Exposure in github.com/Tencent/WeKnora...

6.5CVSS5.8AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2026/03/10 6:28 p.m.4 views

GO-2026-4638 WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection in github.com/Tencent/WeKnora

WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection in github.com/Tencent/WeKnora...

7.6CVSS5.8AI score0.00255EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/06 11:55 p.m.3 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the GetKnowledgeBaseByID function. An attacker can access and duplicate sensitive data from other tenants by providing the identifier of a knowledge base belonging to a different...

8.2CVSS5.8AI score0.00222EPSS
Exploits1References2
OSV
OSV
added 2026/01/12 5:39 p.m.3 views

GO-2026-4292 WeKnora has Command Injection in MCP stdio test in github.com/Tencent/WeKnora

WeKnora has Command Injection in MCP stdio test in github.com/Tencent/WeKnora...

9.9CVSS6.9AI score0.01747EPSS
Exploits1References3
OSV
OSV
added 2026/01/12 5:39 p.m.7 views

GO-2026-4293 WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora

WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora...

9.8CVSS7.9AI score0.00353EPSS
Exploits1References3
Rows per page
Query Builder