目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

HKUDS 厂商漏洞列表 / CVE 中文分析 14

HKUDS 厂商相关 14 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

HKUDS 是一家专注于网络安全解决方案的厂商,提供安全产品和服务。历史上,其产品曾存在多种漏洞类型,包括远程代码执行、跨站脚本请求伪造和权限绕过等安全风险。根据最新统计,该厂商相关产品已累计报告 14 条 CVE 漏洞,其中部分漏洞曾导致未授权访问和数据泄露风险。安全社区建议用户及时更新补丁并加强访问控制措施。

上位製品 HKUDS: OpenHarness nanobot LightRAG
CVE IDタイトルCVSS深刻度公開日
CVE-2026-7551 HKUDS OpenHarness Remote Command Execution via /bridge Slash Command — OpenHarnessCWE-78 8.8 High2026-04-30
CVE-2026-6823 HKUDS OpenHarness Insecure Default Remote Channel Allowlist — OpenHarnessCWE-276 8.2 High2026-04-21
CVE-2026-6819 HKUDS OpenHarness Plugin Management Command Exposure — OpenHarnessCWE-276 8.8 High2026-04-21
CVE-2026-6729 HKUDS OpenHarness Session Key Collision Privilege Escalation — OpenHarnessCWE-287 6.3 Medium2026-04-20
CVE-2026-40516 OpenHarness SSRF via web_fetch and web_search — OpenHarnessCWE-918 8.3 High2026-04-17
CVE-2026-40515 OpenHarness Permission Bypass via grep and glob root argument — OpenHarnessCWE-863 7.5 High2026-04-17
CVE-2026-40502 OpenHarness Remote Administrative Command Injection via Gateway Handler — OpenHarnessCWE-862 8.8 High2026-04-16
CVE-2026-40503 OpenHarness Path Traversal Information Disclosure via /memory show — OpenHarnessCWE-22 6.5 Medium2026-04-16
CVE-2026-35589 nanobot: Cross-Site WebSocket Hijacking in WhatsApp Bridge (CVE-2026-2577 Fix Update) — nanobotCWE-1385 8.0 High2026-04-14
CVE-2026-39413 LightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG API — LightRAGCWE-347 4.2 Medium2026-04-08
CVE-2026-22682 OpenHarness Improper Access Control via File Tools — OpenHarnessCWE-863 7.1 High2026-04-07
CVE-2026-33654 Zero-Click Indirect Prompt Injection and Authentication Bypass via Email Polling — nanobotCWE-94 10.0 -2026-03-27
CVE-2026-2577 Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge — nanobotCWE-306 10.0 Critical2026-02-16
CVE-2025-6773 HKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversal — LightRAGCWE-22 5.3 Medium2025-06-27

本页汇总了 HKUDS 厂商截至目前公开的全部 14 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。