A vulnerability, which was classified as critical, was found in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization.
This vulnerability is cataloged as CVE-2026-15332. The attack may be launched remotely. Furthermore, there is an exploit available.
The project was informed of the problem early through an issue report but has not responded yet.