CVE-2026-4308 | frdel/agent0ai agent-zero 0.9.7 document_query.py handle_pdf_document server-side request forgery

Inserito da Angelo Barbosa | Mar 16, 2026 | CVE

A vulnerability was found in frdel/agent0ai agent-zero 0.9.7. It has been rated as critical. This affects the function handle_pdf_document of the file python/helpers/document_query.py. This manipulation causes server-side request forgery.

This vulnerability is tracked as CVE-2026-4308. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4308 | frdel/agent0ai agent-zero 0.9.7 document_query.py handle_pdf_document server-side request forgery

Post correlati

CVE-2026-1458 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 allocation of resources

CVE-2025-14548 | Calendar Plugin up to 1.3.16 on WordPress event_desc cross site scripting

CVE-2024-39304 | ChurchCRM up to 5.9.1 /GetText.php EID sql injection (GHSA-2rh6-gr3h-83j9)

CVE-2024-9359 | code-projects Restaurant Reservation System 1.0 /addcompany.php company sql injection