CVE-2026-6126 | zhayujie chatgpt-on-wechat CowAgent 2.0.4 Administrative HTTP Endpoint missing authentication (Issue 2733)

A vulnerability has been found in zhayujie chatgpt-on-wechat CowAgent 2.0.4 and classified as critical. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication.

The identification of this vulnerability is CVE-2026-6126. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is advisable to implement restrictive firewalling.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-6126 | zhayujie chatgpt-on-wechat CowAgent 2.0.4 Administrative HTTP Endpoint missing authentication (Issue 2733)

Post correlati

CVE-2024-5336 | Ruijie RG-UAC up to 20240516 vlan_add_commit.php addVlan phyport os command injection

CVE-2022-49516 | Linux Kernel up to 5.18.2 ice_get_vf_vsi return value

CVE-2025-10649 | Welcart e-Commerce Plugin up to 2.11.21 on WordPress Cookie sql injection

CVE-2024-33973 | Janobe School Attendance Monitoring System 1.0 attendance_print.php Attendance/YearLevel sql injection