Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HKUDS — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting HKUDS. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by HKUDS:OpenHarnessnanobotLightRAG
CVE IDTitleCVSSSeverityPublished
CVE-2026-6823 HKUDS OpenHarness Insecure Default Remote Channel Allowlist — OpenHarnessCWE-276 8.2 High2026-04-21
CVE-2026-6819 HKUDS OpenHarness Plugin Management Command Exposure — OpenHarnessCWE-276 8.8 High2026-04-21
CVE-2026-6729 HKUDS OpenHarness Session Key Collision Privilege Escalation — OpenHarnessCWE-287 6.3 Medium2026-04-20
CVE-2026-40516 OpenHarness SSRF via web_fetch and web_search — OpenHarnessCWE-918 8.3 High2026-04-17
CVE-2026-40515 OpenHarness Permission Bypass via grep and glob root argument — OpenHarnessCWE-863 7.5 High2026-04-17
CVE-2026-40502 OpenHarness Remote Administrative Command Injection via Gateway Handler — OpenHarnessCWE-862 8.8 High2026-04-16
CVE-2026-40503 OpenHarness Path Traversal Information Disclosure via /memory show — OpenHarnessCWE-22 6.5 Medium2026-04-16
CVE-2026-35589 nanobot: Cross-Site WebSocket Hijacking in WhatsApp Bridge (CVE-2026-2577 Fix Update) — nanobotCWE-1385 8.0 High2026-04-14
CVE-2026-39413 LightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG API — LightRAGCWE-347 4.2 Medium2026-04-08
CVE-2026-22682 OpenHarness Improper Access Control via File Tools — OpenHarnessCWE-863 7.1 High2026-04-07
CVE-2026-33654 Zero-Click Indirect Prompt Injection and Authentication Bypass via Email Polling — nanobotCWE-94 10.0 -2026-03-27
CVE-2026-2577 Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge — nanobotCWE-306 10.0 Critical2026-02-16
CVE-2025-6773 HKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversal — LightRAGCWE-22 5.3 Medium2025-06-27

This page lists every published CVE security advisory associated with HKUDS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.