CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OSV•added 2026/03/10 6:28 p.m.•3 views

GO-2026-4637 WeKnora has Broken Access Control - Cross-Tenant Data Exposure in github.com/Tencent/WeKnora

WeKnora has Broken Access Control - Cross-Tenant Data Exposure in github.com/Tencent/WeKnora...

6.5CVSS5.8AI score0.00071EPSS

Exploits0References1

OSV•added 2026/03/10 6:28 p.m.•1 views

GO-2026-4638 WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection in github.com/Tencent/WeKnora

WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection in github.com/Tencent/WeKnora...

7.6CVSS5.8AI score0.00024EPSS

Exploits1References4

Snyk•added 2026/03/06 11:55 p.m.•2 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the GetKnowledgeBaseByID function. An attacker can access and duplicate sensitive data from other tenants by providing the identifier of a knowledge base belonging to a different...

8.2CVSS5.8AI score0.00044EPSS

Exploits1References2

OSV•added 2026/01/12 5:39 p.m.•6 views

GO-2026-4293 WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora

WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora...

9.8CVSS7.9AI score0.00016EPSS

Exploits1References3

OSV•added 2026/01/12 5:39 p.m.•2 views

GO-2026-4292 WeKnora has Command Injection in MCP stdio test in github.com/Tencent/WeKnora

WeKnora has Command Injection in MCP stdio test in github.com/Tencent/WeKnora...

9.9CVSS6.9AI score0.00307EPSS

Exploits1References3