CVE-2026-6129 | zhayujie chatgpt-on-wechat CowAgent up to 2.0.4 Agent Mode Service missing authentication (Issue 2741)

Inserito da Angelo Barbosa | Apr 12, 2026 | CVE

A vulnerability was found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. It has been classified as critical. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing authentication.

This vulnerability is identified as CVE-2026-6129. The attack can be initiated remotely. Additionally, an exploit exists.

It is suggested to use restrictive firewalling.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-6129 | zhayujie chatgpt-on-wechat CowAgent up to 2.0.4 Agent Mode Service missing authentication (Issue 2741)

Post correlati

CVE-2024-34825 | Warfare Plugins Social Warfare Plugin up to 4.4.5.1 on WordPress cross-site request forgery

CVE-2025-14287 | MLflow up to 3.6.x os.system container code injection

CVE-2024-45272 | MB connect line mbCONNECT24/mymbCONNECT24 weak credentials (VDE-2024-068)

CVE-2026-25069 | SunFounder Pironman Dashboard up to 1.3.13 filename path traversal