Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tencent — Vulnerabilities & Security Advisories 29

Browse all 29 CVE security advisories affecting Tencent. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Tencent:WeKnoraWeChatRapidJSONTFaceHunyuanDiTTencent FoxmailHunyuan3D-1PatrickStarMedicalNetNeuralNLP-NeuralClassifierFaceDetection-DSFDMimicMotionHunyuanVideoAI-Infra-Guard
CVE IDTitleCVSSSeverityPublished
CVE-2026-5585 Tencent AI-Infra-Guard Task Detail Endpoint task_manager.go information disclosure — AI-Infra-GuardCWE-200 5.3 Medium2026-04-05
CVE-2026-30861 WeKnora: Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation — WeKnoraCWE-78 10.0 Critical2026-03-07
CVE-2026-30860 WeKnora: Remote Code Execution via SQL Injection Bypass in AI Database Query Tool — WeKnoraCWE-89 10.0 Critical2026-03-07
CVE-2026-30859 WeKnora: Broken Access Control - Cross-Tenant Data Exposure — WeKnoraCWE-284 5.3 Medium2026-03-07
CVE-2026-30858 WeKnora: DNS Rebinding Vulnerability in web_fetch Tool Allows SSRF to Internal Resources — WeKnoraCWE-918 6.5 Medium2026-03-07
CVE-2026-30857 WeKnora: Unauthorized Cross‑Tenant Knowledge Base Cloning — WeKnoraCWE-639 5.3 Medium2026-03-07
CVE-2026-30856 WeKnora: Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection — WeKnoraCWE-706 5.9 Medium2026-03-07
CVE-2026-30855 WeKnora: Broken Access Control in Tenant Management — WeKnoraCWE-284 8.8 High2026-03-07
CVE-2026-30247 WeKnora: SSRF via Redirection — WeKnoraCWE-918 5.9 Medium2026-03-07
CVE-2026-22688 WeKnora has Command Injection in MCP stdio test — WeKnoraCWE-77 10.0 Critical2026-01-10
CVE-2026-22687 WeKnora vulnerable to SQL Injection — WeKnoraCWE-89 5.6 Medium2026-01-10
CVE-2025-13715 Tencent FaceDetection-DSFD resnet Deserialization of Untrusted Data Remote Code Execution Vulnerability — FaceDetection-DSFDCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13709 Tencent TFace restore_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability — TFaceCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13711 Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability — TFaceCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13706 Tencent PatrickStar merge_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability — PatrickStarCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13708 Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability — NeuralNLP-NeuralClassifierCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13716 Tencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability — MimicMotionCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13714 Tencent MedicalNet generate_model Deserialization of Untrusted Data Remote Code Execution Vulnerability — MedicalNetCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13710 Tencent HunyuanVideo load_vae Deserialization of Untrusted Data Remote Code Execution Vulnerability — HunyuanVideoCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13707 Tencent HunyuanDiT model_resume Deserialization of Untrusted Data Remote Code Execution Vulnerability — HunyuanDiTCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13712 Tencent HunyuanDiT merge Deserialization of Untrusted Data Remote Code Execution Vulnerability — HunyuanDiTCWE-502 7.8AIHighAI2025-12-23
CVE-2025-13713 Tencent Hunyuan3D-1 load_pretrained Deserialization of Untrusted Data Remote Code Execution Vulnerability — Hunyuan3D-1CWE-502 7.8AIHighAI2025-12-23
CVE-2025-11046 Tencent WeKnora test testEmbeddingModel server-side request forgery — WeKnoraCWE-918 7.3 High2025-09-26
CVE-2024-39684 Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Overflow — RapidJSONCWE-190 6.8 High2024-07-09
CVE-2024-38517 Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow — RapidJSONCWE-191 6.8 High2024-07-09
CVE-2021-27247 Tencent WeChat 缓冲区错误漏洞 — WeChatCWE-125 4.3 -2021-04-14
CVE-2020-27874 Tencent WeChat 缓冲区错误漏洞 — WeChatCWE-119 8.8 -2021-02-10
CVE-2019-17151 Tencent WeChat 输入验证错误漏洞 — WeChatCWE-356 5.4 -2020-01-07
CVE-2018-11616 Tencent Foxmail 命令注入漏洞 — Tencent FoxmailCWE-78 8.8 -2018-08-30

This page lists every published CVE security advisory associated with Tencent. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.