Vulnerabilidades em HKUDS
22 resultadosCVE-2026-40502HIGHOpenHarness Remote Administrative Command Injection via Gateway HandlerEPSS 1.7%CVE-2026-7551HIGHHKUDS OpenHarness Remote Command Execution via /bridge Slash CommandEPSS 0.6%CVE-2026-2577CRITICALNanobot Unauthenticated WhatsApp Session Hijack via WebSocket BridgeEPSS 0.6%CVE-2026-33654HIGHZero-Click Indirect Prompt Injection and Authentication Bypass via Email PollingEPSS 0.5%CVE-2026-40503HIGHOpenHarness Path Traversal Information Disclosure via /memory showEPSS 0.4%CVE-2026-12203MEDIUMHKUDS AI-Trader Research Export agents.csv information disclosureEPSS 0.4%CVE-2026-49139HIGHNanobot < 0.2.1 SSRF via Microsoft Teams Channel serviceUrl PoisoningEPSS 0.4%CVE-2026-32847HIGHDeepCode 1.2.0 Path Traversal via SPA Catch-All Route in main.pyEPSS 0.4%CVE-2026-6823HIGHHKUDS OpenHarness Insecure Default Remote Channel AllowlistEPSS 0.3%CVE-2026-6819HIGHHKUDS OpenHarness Plugin Management Command ExposureEPSS 0.3%CVE-2026-49138MEDIUMNanobot < 0.2.1 SSRF via web_fetch Tool Redirect FollowingEPSS 0.3%CVE-2026-48716HIGHnanobot: Path traversal via unsanitized WhatsApp document fileName enables arbitrary file writeEPSS 0.3%CVE-2026-49140MEDIUMNanobot < 0.2.1 Denial of Service via Matrix Media Download HandlerEPSS 0.3%CVE-2026-40515HIGHOpenHarness Permission Bypass via grep and glob root argumentEPSS 0.2%CVE-2026-6729MEDIUMHKUDS OpenHarness Session Key Collision Privilege EscalationEPSS 0.2%CVE-2026-40516HIGHOpenHarness SSRF via web_fetch and web_searchEPSS 0.2%CVE-2025-6773MEDIUMHKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversalEPSS 0.2%CVE-2026-35589HIGHnanobot: Cross-Site WebSocket Hijacking in WhatsApp Bridge (CVE-2026-2577 Fix Update)EPSS 0.2%CVE-2026-39413MEDIUMLightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG APIEPSS 0.2%CVE-2026-22682HIGHOpenHarness Improper Access Control via File ToolsEPSS 0.1%