cbcvebase.

Github.Com Tencent Weknora vulnerabilities

10 known vulnerabilities affecting github.com/tencent_weknora.

Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH2MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2026-30861P2CRITICAL≥ 0.2.5, < 0.2.102026-03-07
CVE-2026-30861 [CRITICAL] CWE-78 WeKnora has Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation WeKnora has Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation ### Summary A critical unauthenticated remote code execution (RCE) vulnerability exists in the MCP stdio configuration validation introduced in version 2.0.5. The application allows unrestricted user registration, meaning any attacker can create an account and exp
ghsaosv
CVE-2026-30860P2CRITICAL≥ 0, < 0.2.122026-03-06
CVE-2026-30860 [CRITICAL] CWE-89 WeKnora Vulnerable to Remote Code Execution via SQL Injection Bypass in AI Database Query Tool WeKnora Vulnerable to Remote Code Execution via SQL Injection Bypass in AI Database Query Tool ## Summary A critical Remote Code Execution (RCE) vulnerability exists in the application's database query functionality. The validation system fails to recursively inspect child nodes within PostgreSQL array expressions and row expressions, allowing attackers to bypass SQL
ghsaosv
CVE-2026-22688P2CRITICAL≥ 0, < 0.2.52026-01-09
CVE-2026-22688 [CRITICAL] CWE-77 WeKnora has Command Injection in MCP stdio test WeKnora has Command Injection in MCP stdio test ### Vulnerability **Description** --- **Vulnerability Overview** This issue is a command injection vulnerability (CWE-78) that allows authenticated users to inject stdio_config.command/args into MCP stdio settings, causing the server to execute subprocesses using these injected values. The root causes are as follows: - **Missing Security Filtering**: When transp
ghsaosv
CVE-2026-30855P3CRITICAL≥ 0, < 0.3.22026-03-06
CVE-2026-30855 [CRITICAL] CWE-284 WeKnora Vulnerable to Broken Access Control in Tenant Management WeKnora Vulnerable to Broken Access Control in Tenant Management ### Summary An authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This
ghsaosv
CVE-2026-22687P3MEDIUM≥ 0, < 0.2.52026-01-09
CVE-2026-22687 [MEDIUM] CWE-89 WeKnora vulnerable to SQL Injection WeKnora vulnerable to SQL Injection ### Summary After WeKnora enables its Agent service, it allows users to call database query tools. Due to lax code backend verification, attackers can use prompts to bypass query restrictions and obtain sensitive information from the target server and database. ### Details ### Source - **File**: `/internal/agent/tools/database_query.go` - **Function**: `validateAndSecureSQL()` (lines 249-373
ghsaosv
CVE-2026-30858P3HIGH≥ 0, < 0.3.02026-03-06
CVE-2026-30858 [HIGH] CWE-918 WeKnora has DNS Rebinding Vulnerability in web_fetch Tool that Allows SSRF to Internal Resources WeKnora has DNS Rebinding Vulnerability in web_fetch Tool that Allows SSRF to Internal Resources ### Summary A DNS rebinding vulnerability in the `web_fetch` tool allows an unauthenticated attacker to bypass URL validation and access internal resources on the server, including private IP addresses (e.g., 127.0.0.1, 192.168.x.x). By crafting a malicious domain that reso
ghsaosv
CVE-2026-30247P3MEDIUM≥ 0, < 0.2.122026-03-05
CVE-2026-30247 [MEDIUM] CWE-918 WeKnora is Vulnerable to SSRF via Redirection WeKnora is Vulnerable to SSRF via Redirection ### Summary The application's "Import document via URL" feature is vulnerable to Server-Side Request Forgery (SSRF) through HTTP redirects. While the backend implements comprehensive URL validation (blocking private IPs, loopback addresses, reserved hostnames, and cloud metadata endpoints), it **fails to validate redirect targets**. An attacker can bypass all protections
ghsaosv
CVE-2026-30856P3MEDIUM≥ 0, < 0.3.02026-03-06
CVE-2026-30856 [MEDIUM] CWE-706 WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection ### Summary A vulnerability involving tool name collision and indirect prompt injection allows a malicious remote MCP server to hijack tool execution. By exploiting an ambiguous naming convention in the MCP client (`mcp_{s
ghsaosv
CVE-2026-30859P3HIGH≥ 0, < 0.2.122026-03-06
CVE-2026-30859 [HIGH] CWE-284 WeKnora has Broken Access Control - Cross-Tenant Data Exposure WeKnora has Broken Access Control - Cross-Tenant Data Exposure ## Summary A broken access control vulnerability in the database query tool allows any authenticated tenant to read sensitive data belonging to other tenants, including API keys, model configurations, and private messages. The application fails to enforce tenant isolation on critical tables (`models`, `messages`, `embeddings`), enabling unau
ghsaosv
CVE-2026-30857P4MEDIUM≥ 0, < 0.3.02026-03-06
CVE-2026-30857 [MEDIUM] CWE-639 WeKnora has Unauthorized Cross‑Tenant Knowledge Base Cloning WeKnora has Unauthorized Cross‑Tenant Knowledge Base Cloning ### Summary A cross-tenant authorization bypass in the knowledge base copy endpoint allows any authenticated user to clone (duplicate) another tenant’s knowledge base into their own tenant by knowing/guessing the source knowledge base ID. This enables bulk data exfiltration (document/FAQ content) across tenants, making the impact critical. ##
ghsaosv
Github.Com Tencent Weknora vulnerabilities | cvebase