|
4521
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in AstrBotDevs AstrBot 4.23.6. Affected by this issue is the function _normalize_rw_path of the file astrbot/core/tools/computer_tools/fs.py. This manipulation causes i…
|
CWE-285
CWE-863
Improper Authorization
Incorrect Authorization
|
CVE-2026-10211
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4522
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astr_main_agent of the file astrbot/core/astr_main_agent.py. Such manipulation of the argument session_id leads…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-10212
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4523
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in AstrBotDevs AstrBot 4.23.6. This vulnerability affects unknown code of the file /api/skills/delete of the component API Endpoint. Performing a manipulation of t…
|
CWE-22
Path Traversal
|
CVE-2026-10213
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4524
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipul…
|
CWE-266
CWE-269
Incorrect Privilege Assignment
Improper Privilege Management
|
CVE-2026-10217
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4525
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolution_handlers.go. Such manipulation leads to improper authorizati…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-10218
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4526
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in zhayujie chatgpt-on-wechat up to 2.0.8. This issue affects the function _get_safety_warning of the file agent/tools/bash/bash.py of the component Bash Tool. Executin…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-10214
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4527
|
3.7 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in unitedbyai droidclaw up to 0.5.3. The affected element is an unknown function of the file server/src/routes/pairing.ts of the component claim Endpoint. The manipulatio…
|
CWE-307
CWE-799
mproper Restriction of Excessive Authentication Attempts
Improper Control of Interaction Frequency
|
CVE-2026-10216
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4528
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component write_file Tool. Performing a…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-10219
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4529
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function _serve_plugin_skill/skill_view of the file tools/skills_tool.py. Executing a manipulation can lea…
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-10220
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4530
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the function _scan_memory_content of the file tools/memory_tool.py. This manipulation causes injection. The a…
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-10223
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
