VYPR
Vendor

Hkuds

Products
5
CVEs
20
Across products
20
Status
Private

Products

5

Recent CVEs

20
  • CVE-2026-2577CriFeb 16, 2026
    risk 0.65cvss 10.0epss 0.01

    The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces (0.0.0.0) on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the…

  • CVE-2026-33654CriMar 27, 2026
    risk 0.57cvss 9.8epss 0.00

    nanobot is a personal AI assistant. Prior to version 0.1.6, an indirect prompt injection vulnerability exists in the email channel processing module (`nanobot/channels/email.py`), allowing a remote, unauthenticated attacker to execute arbitrary LLM instructions (and…

  • CVE-2026-7551HigApr 30, 2026
    risk 0.50cvss 8.8epss 0.01

    HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text…

  • CVE-2026-6819HigApr 21, 2026
    risk 0.50cvss 8.8epss 0.00

    HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and…

  • CVE-2026-40502HigApr 16, 2026
    risk 0.50cvss 8.8epss 0.02

    OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler.…

  • CVE-2026-32847HigMay 28, 2026
    risk 0.49cvss 7.5epss 0.00

    DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in new_ui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /{full_path:path} endpoint. Attackers…

  • CVE-2026-40516HigApr 17, 2026
    risk 0.47cvss 8.3epss 0.00

    OpenHarness before commit bd4df81 contains a server-side request forgery vulnerability in the web_fetch and web_search tools that allows attackers to access private and localhost HTTP services by manipulating tool parameters without proper validation of target addresses.…

  • CVE-2026-6823HigApr 21, 2026
    risk 0.46cvss 8.2epss 0.00

    HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*"] permitting arbitrary remote senders to pass admission checks. Attackers who can reach the configured channel can bypass access…

  • CVE-2026-35589HigApr 14, 2026
    risk 0.45cvss 8.0epss 0.00

    nanobot is a personal AI assistant. Versions prior to 0.1.5 contain a Cross-Site WebSocket Hijacking (CSWSH) vulnerability exists in the bridge's WebSocket server in bridge/src/server.ts, resulting from an incomplete remediation of CVE-2026-2577. The original fix changed the…

  • CVE-2026-40515HigApr 17, 2026
    risk 0.42cvss 7.5epss 0.00

    OpenHarness before commit bd4df81 contains a permission bypass vulnerability that allows attackers to read sensitive files by exploiting incomplete path normalization in the permission checker. Attackers can invoke the built-in grep and glob tools with sensitive root…

  • CVE-2026-49139HigJun 1, 2026
    risk 0.39cvss epss 0.00

    Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the Microsoft Teams channel handler that allows remote attackers to exfiltrate Bot Framework bearer tokens by supplying a forged activity with an attacker-controlled serviceUrl value.…

  • CVE-2026-40503MedApr 16, 2026
    risk 0.35cvss 6.5epss 0.00

    OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memory show slash command. Attackers can manipulate the path input parameter to…

  • CVE-2026-6729MedApr 20, 2026
    risk 0.34cvss 6.3epss 0.00

    HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification.…

  • CVE-2026-12203MedJun 15, 2026
    risk 0.27cvss 5.3epss 0.00

    A vulnerability was found in HKUDS AI-Trader up to 74caf996f78dcc0c657df8365c8544678a16e215. This affects an unknown part of the file /api/research/agents.csv of the component Research Export. Performing a manipulation results in information disclosure. Remote exploitation of…

  • CVE-2025-6773MedJun 27, 2025
    risk 0.27cvss 5.3epss 0.00

    A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function upload_to_input_dir of the file lightrag/api/routers/document_routes.py of the component File Upload. The manipulation of the argument…

  • CVE-2026-49138MedJun 1, 2026
    risk 0.26cvss 5.0epss 0.00

    Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the web_fetch tool that allows remote attackers to reach internal or private network hosts by supplying a URL that redirects to a loopback or private address via a 3xx Location header.…

  • CVE-2026-49140MedJun 1, 2026
    risk 0.21cvss 4.3epss 0.00

    Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send…

  • CVE-2026-39413MedApr 8, 2026
    risk 0.20cvss 4.2epss 0.00

    LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode() call does not explicitly…

  • CVE-2026-56695Jun 23, 2026
    risk 0.00cvss epss 0.00

    OpenHarness ohmo gateway /resume and /summary slash commands default remote_invocable to True, allowing admitted remote senders to enumerate and load arbitrary session snapshots by ID. Attackers can exploit this to access victim snapshots containing private prompts, credentials,…

  • CVE-2026-48716Jun 18, 2026
    risk 0.00cvss epss 0.00

    nanobot is a personal AI assistant. In versions 0.1.5.post3 and prior, the WhatsApp bridge in bridge/src/whatsapp.ts constructs a filesystem path using the fileName field from an incoming WhatsApp document message without sanitization. The WhatsApp bridge downloads media…