| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5585 | Tencent AI-Infra-Guard Task Detail Endpoint task_manager.go information disclosure | Tencent | AI-Infra-Guard | Medium | 5.3 | 2026-04-05 17:30:11 | Deep Dive |
| CVE-2026-30861 | WeKnora: Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation | Tencent | WeKnora | Critical | 9.9 | 2026-03-07 16:38:38 | Deep Dive |
| CVE-2026-30860 | WeKnora: Remote Code Execution via SQL Injection Bypass in AI Database Query Tool | Tencent | WeKnora | Critical | 9.9 | 2026-03-07 16:36:46 | Deep Dive |
| CVE-2026-30859 | WeKnora: Broken Access Control - Cross-Tenant Data Exposure | Tencent | WeKnora | Medium | 5.3 | 2026-03-07 16:35:30 | Deep Dive |
| CVE-2026-30858 | WeKnora: DNS Rebinding Vulnerability in web_fetch Tool Allows SSRF to Internal Resources | Tencent | WeKnora | Medium | 6.5 | 2026-03-07 16:34:29 | Deep Dive |
| CVE-2026-30857 | WeKnora: Unauthorized Cross‑Tenant Knowledge Base Cloning | Tencent | WeKnora | Medium | 5.3 | 2026-03-07 16:33:46 | Deep Dive |
| CVE-2026-30856 | WeKnora: Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection | Tencent | WeKnora | Medium | 5.9 | 2026-03-07 16:32:45 | Deep Dive |
| CVE-2026-30855 | WeKnora: Broken Access Control in Tenant Management | Tencent | WeKnora | High | 8.8 | 2026-03-07 16:31:11 | Deep Dive |
| CVE-2026-30247 | WeKnora: SSRF via Redirection | Tencent | WeKnora | Medium | 5.9 | 2026-03-07 03:33:27 | Deep Dive |
| CVE-2026-22688 | WeKnora has Command Injection in MCP stdio test | Tencent | WeKnora | Critical | 9.9 | 2026-01-10 03:42:00 | Deep Dive |
| CVE-2026-22687 | WeKnora vulnerable to SQL Injection | Tencent | WeKnora | Medium | 5.6 | 2026-01-10 03:41:44 | Deep Dive |
| CVE-2025-13715 | Tencent FaceDetection-DSFD resnet Deserialization of Untrusted Data Remote Code Execution Vulnerability | Tencent | FaceDetection-DSFD | - | - | 2025-12-23 21:38:56 | Deep Dive |
| CVE-2025-13709 | Tencent TFace restore_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability | Tencent | TFace | - | - | 2025-12-23 21:34:11 | Deep Dive |
| CVE-2025-13711 | Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability | Tencent | TFace | - | - | 2025-12-23 21:34:06 | Deep Dive |
| CVE-2025-13706 | Tencent PatrickStar merge_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability | Tencent | PatrickStar | - | - | 2025-12-23 21:34:00 | Deep Dive |
| CVE-2025-13708 | Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability | Tencent | NeuralNLP-NeuralClassifier | - | - | 2025-12-23 21:33:56 | Deep Dive |
| CVE-2025-13716 | Tencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability | Tencent | MimicMotion | - | - | 2025-12-23 21:33:53 | Deep Dive |
| CVE-2025-13714 | Tencent MedicalNet generate_model Deserialization of Untrusted Data Remote Code Execution Vulnerability | Tencent | MedicalNet | - | - | 2025-12-23 21:33:48 | Deep Dive |
| CVE-2025-13710 | Tencent HunyuanVideo load_vae Deserialization of Untrusted Data Remote Code Execution Vulnerability | Tencent | HunyuanVideo | - | - | 2025-12-23 21:33:42 | Deep Dive |
| CVE-2025-13707 | Tencent HunyuanDiT model_resume Deserialization of Untrusted Data Remote Code Execution Vulnerability | Tencent | HunyuanDiT | - | - | 2025-12-23 21:33:36 | Deep Dive |