All 3 CVE vulnerabilities found in nanobot, with AI-generated Chinese analysis, references, and POCs.
Vendor: HKUDS
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-35589 | nanobot: Cross-Site WebSocket Hijacking in WhatsApp Bridge (CVE-2026-2577 Fix Update) CWE-1385 | 8.0 | High | 2026-04-14 |
| CVE-2026-33654 | Zero-Click Indirect Prompt Injection and Authentication Bypass via Email Polling CWE-94 | 10.0 | - | 2026-03-27 |
| CVE-2026-2577 | Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge CWE-306 | 10.0 | Critical | 2026-02-16 |
All 3 known CVE vulnerabilities affecting nanobot with full Chinese analysis, references, and POCs where available.