PatchSiren

zhayujie CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW zhayujie CVE published 2026-07-14

CVE-2026-15628

A security flaw has been discovered in zhayujie chatgpt-on-wechat CowAgent up to 2.1.1, affecting the function Vision._download_to_data_url. This issue results in server-side request forgery, allowing remote attackers to initiate an attack. The exploit has been released to the public, and upgrading to version 2.1.2 or applying the patch e85290cddcbb5ffc9c235927f4c92e5b4c3ec264 is necessary.

LOW zhayujie CVE published 2026-07-10

CVE-2026-15332

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. Users of CowAgent up to version 2.1.0 should assess the vulnerability and apply patches or mitigations as available. The vulnerability allow [truncated]

MEDIUM zhayujie CVE published 2026-07-10

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1, impacting the Vision Tool component. The functions _build_image_content and _download_to_data_url in the file agent/tools/vision/vision.py are vulnerable to server-side request forgery. The attack can be launched remotely. Upgrading to version 2.1.2 or applying the patch e85290cddcbb5ffc9c235927f4c92e5b4c3ec264 is recommended.

LOW zhayujie CVE published 2026-07-10

CVE-2026-15329

CVE-2026-15329 is an information disclosure vulnerability in CowAgent's Browser Tool. The issue affects the BrowserTool._do_navigate function in agent/tools/browser/browser_tool.py. The vulnerability allows remote attackers to disclose sensitive information. The exploit has been made public, and the project has been informed but has not responded yet. This vulnerability has a low severity and requires lim [truncated]

MEDIUM zhayujie CVE published 2026-06-01

CVE-2026-10214

A command injection vulnerability exists in the Bash Tool component of zhayujie chatgpt-on-wechat (also referenced as CowAgent) versions up to and including 2.0.8. The weakness is located in the `_get_safety_warning` function within `agent/tools/bash/bash.py`. An attacker can exploit this flaw remotely through crafted input manipulation to achieve operating system command injection. The vulnerability has [truncated]