Skip to main content

Xagent CVE-2026-4959

| EUVD-2026-16692 MEDIUM
Missing Authentication for Critical Function (CWE-306)
2026-03-27 VulDB
Authentication Bypass Xagent
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

5
CVSS changed
Apr 29, 2026 - 01:11 NVD
6.9 (MEDIUM) 5.5 (MEDIUM)
PoC Detected
Mar 30, 2026 - 13:26 vuln.today
Public exploit code
EUVD ID Assigned
Mar 27, 2026 - 16:00 euvd
EUVD-2026-16692
Analysis Generated
Mar 27, 2026 - 16:00 vuln.today
CVE Published
Mar 27, 2026 - 15:31 nvd
MEDIUM 6.9

DescriptionCVE.org

A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function check_user of the file XAgentServer/application/websockets/share.py of the component ShareServer WebSocket Endpoint. Performing a manipulation of the argument interaction_id results in missing authentication. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

OpenBMB XAgent 1.0.0 ShareServer WebSocket endpoint allows remote authentication bypass through manipulation of the interaction_id parameter in the check_user function, enabling unauthenticated attackers to access protected resources with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, the vendor was contacted but did not respond, and active exploitation remains possible.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment The CVSS v4.0 score of 6.9 reflects a low attack complexity, no privilege requirement, and network-accessible vector (AV:N, AC:L, PR:N), indicating trivial exploitation prerequisites. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker crafts a WebSocket connection to the ShareServer endpoint and sends a manipulated interaction_id parameter that bypasses the check_user validation logic. With no authentication required (PR:N in CVSS vector) and trivial network-level complexity, the attacker gains immediate access to protected interaction resources without credentials. …
Remediation Immediate patching is the primary mitigation; however, no vendor-released patch has been identified at the time of analysis, and the vendor has not responded to early disclosure. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-4959 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy