Skip to main content

CowAgent EUVDEUVD-2026-43617

| CVE-2026-15628 LOW
Server-Side Request Forgery (SSRF) (CWE-918)
2026-07-14 VulDB GHSA-76cc-739m-wwpv
2.1
CVSS 4.0 · Vendor: VulDB

Severity by source

Vendor (VulDB) PRIMARY
2.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
6.3 MEDIUM

Network-accessible SSRF requiring low-privilege auth (PR:L per CVSS 4.0); scope unchanged; limited C/I/A consistent with SSRF without confirmed data exfiltration primitives.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

5
Severity Changed
Jul 14, 2026 - 04:22 NVD
MEDIUM LOW
CVSS changed
Jul 14, 2026 - 04:22 NVD
5.3 (MEDIUM) 2.1 (LOW)
Source Code Evidence Fetched
Jul 14, 2026 - 03:46 vuln.today
Analysis Generated
Jul 14, 2026 - 03:46 vuln.today
CVE Published
Jul 14, 2026 - 03:00 cve.org
MEDIUM 5.3

DescriptionCVE.org

A security flaw has been discovered in zhayujie chatgpt-on-wechat CowAgent up to 2.1.1. This issue affects the function Vision._download_to_data_url of the file agent/tools/vision/vision.py of the component Vision Tool. Performing a manipulation of the argument image results in server-side request forgery. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 2.1.2 is capable of addressing this issue. The patch is named e85290cddcbb5ffc9c235927f4c92e5b4c3ec264. The affected component should be upgraded.

AnalysisAI

Server-side request forgery in zhayujie CowAgent's Vision Tool allows authenticated remote attackers to make the server issue arbitrary HTTP requests to internal network resources. The vulnerability exists in the Vision._download_to_data_url / _build_image_content function in agent/tools/vision/vision.py, where the image argument is passed to an HTTP fetch without URL validation, enabling access to private RFC1918 addresses, loopback interfaces, and other non-public infrastructure. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to CowAgent instance
Delivery
Submit crafted internal URL as vision image argument
Exploit
_build_image_content issues unvalidated HTTP request
Execution
Server connects to internal network target (e.g., metadata service or internal API)
Impact
Internal service response returned to attacker

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid authenticated session with the CowAgent instance (CVSS 4.0 PR:L). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L) yields a score of 5.3, reflecting low-complexity network-accessible exploitation requiring low privileges, with limited per-impact-category scores. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated CowAgent user submits a Vision Tool request with the image parameter set to http://169.254.169.254/latest/meta-data/ (AWS metadata endpoint) or http://10.0.0.1/admin. The CowAgent server issues the HTTP request from its own network context, receives the response, and returns content accessible only from that server's network position to the attacker. …
Remediation The primary fix is upgrading to CowAgent version 2.1.2, which is confirmed available via the vendor GitHub release at https://github.com/zhayujie/CowAgent/releases/tag/2.1.2 (patch commit e85290cddcbb5ffc9c235927f4c92e5b4c3ec264, PR https://github.com/zhayujie/CowAgent/pull/2886). … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-43617 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy