Eric-B

**Name of the Vulnerable Software and Affected Versions** NousResearch hermes-agent versions prior to 0.12.1 **Description** An authorization bypass exists in the resume endpoint. The issue occurs within the `resolve session by title()` function located in the `hermes state.py` file. A remote attacker can manipulate the `Title` argument to bypass authorization mechanisms. **Recommendations** Update to a version later than 0.12.0. As a temporary workaround, restrict access to the resume endpoint or avoid using the `Title` argument in that endpoint until the update is applied.

**Name of the Vulnerable Software and Affected Versions** GoClaw versions prior to 3.11.4 **Description** A server-side request forgery (SSRF) exists in the TTS Configuration Endpoint. This issue occurs within the `Import()` function of the `internal/http/tts config.go` file, allowing a remote attacker to manipulate requests. SSRF is a flaw where an attacker can force a server to make requests to an unintended location. **Recommendations** Update to version 3.11.4 or later. As a temporary workaround, restrict access to the `Import()` function within the TTS Configuration Endpoint.

**Name of the Vulnerable Software and Affected Versions** GoClaw versions prior to 3.11.4 **Description** Improper authorization occurs in the `auth()` function within the `internal/http/evolution handlers.go` file. This flaw allows a remote attacker to bypass authorization mechanisms. **Recommendations** Update to a version later than 3.11.3. As a temporary workaround, restrict access to the `auth()` function in the `internal/http/evolution handlers.go` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** nextlevelbuilder GoClaw versions prior to 3.11.4 **Description** A flaw in the RoleAdmin Gateway component allows for improper privilege management. The issue resides within the `handleSave()` function located in the `internal/http/tts config.go` file, which can be exploited remotely. **Recommendations** Update to a version later than 3.11.3. As a temporary workaround, restrict access to the `handleSave()` function in the `internal/http/tts config.go` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GoClaw versions prior to 3.11.4 **Description** Remote OS command injection is possible through the manipulation of the `FsBridge.WriteFile()` function within the `internal/sandbox/fsbridge.go` file of the `write file` Tool component. **Recommendations** Update to a version later than 3.11.3. As a temporary workaround, restrict the use of the `FsBridge.WriteFile()` function until the fix is officially accepted and released.

**Name of the Vulnerable Software and Affected Versions** unitedbyai droidclaw versions prior to 0.5.4 **Description** An issue exists in the claim Endpoint within the file `server/src/routes/pairing.ts` where an unknown function fails to properly restrict excessive authentication attempts. This allows for a remote attack, although it is characterized by high complexity and difficult exploitability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** adenhq hive versions prior to 0.11.0 **Description** A path traversal issue exists in the Delete Request Handler component. A remote attacker can perform a manipulation affecting the ` read events tail()` function within the `core/framework/server/routes sessions.py` file, allowing unauthorized access to the file system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the ` read events tail()` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** fishaudio Bert-VITS2 versions up to 8f7fbd8c4770965225d258db548da27dc8dd934c **Description** A path traversal issue exists in the Gradio Interface component. A remote attacker can manipulate the `data dir` argument within the `generate config()` function of the `webui preprocess.py` file to access files and directories outside the intended folder. **Recommendations** Update fishaudio Bert-VITS2 to a version later than 8f7fbd8c4770965225d258db548da27dc8dd934c. As a temporary workaround, restrict access to the `generate config()` function in `webui preprocess.py` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** fishaudio Bert-VITS2 versions prior to 8f7fbd8c4770965225d258db548da27dc8dd934c **Description** A path traversal flaw exists in the Model Handler component, specifically within the ` get all models()` function of the `hiyoriUI.py` file. This issue allows a remote attacker to manipulate file paths to access unauthorized directories. **Recommendations** Update fishaudio Bert-VITS2 to a version later than 8f7fbd8c4770965225d258db548da27dc8dd934c. As a temporary workaround, restrict access to the ` get all models()` function in the `hiyoriUI.py` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** VectifyAI PageIndex versions prior to f50e52975313c6716c02b20a119577a1929decba **Description** A security flaw in the PDF Table of Contents Handler component allows a remote attacker to trigger an infinite loop. This issue occurs within the `toc transformer()` function located in the `pageindex/page index.py` file. **Recommendations** Update to a version later than f50e52975313c6716c02b20a119577a1929decba. As a temporary workaround, consider restricting the use of the `toc transformer()` function until the update is applied.

**Name of the Vulnerable Software and Affected Versions** aiwaves-cn agents up to e8c4e3c2d19739d3dff59e577d1c97090cc15f59 **Description** A flaw in the `cheshire cat core` component, specifically within the `recall relevant memories to working memory()` function located in the `core/cat/looking glass/stray cat.py` file, allows for remote exploitation. This issue leads to excessive resource consumption. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of the `recall relevant memories to working memory()` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ChatGPTNextWeb NextChat versions prior to 2.16.2 **Description** A server-side request forgery (SSRF) exists in the Artifacts Endpoint component. The issue resides in the `storeUrl()` function within the `app/api/artifacts/route.ts` file, where improper manipulation of the `ID` argument allows a remote attacker to initiate unauthorized requests from the server. **Recommendations** Update to a version later than 2.16.1. As a temporary workaround, restrict access to the `storeUrl()` function in the `app/api/artifacts/route.ts` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ChatGPTNextWeb NextChat versions prior to 2.16.2 **Description** A server-side request forgery (SSRF) flaw exists in the `proxyHandler()` function within the file `app/api/[provider]/[...path]/route.ts`. This issue allows a remote attacker to manipulate requests to perform unauthorized server-side requests. **Recommendations** Update to a version newer than 2.16.1. As a temporary workaround, restrict access to the `proxyHandler()` function in the `app/api/[provider]/[...path]/route.ts` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SmythOS sre versions prior to 0.0.16 **Description** A weakness in the Connector Service component, specifically within the `packages/sdk/src/LLM/utils.ts` file, allows for remote information disclosure. This occurs through the manipulation of the `baseURL` argument in an unspecified function. **Recommendations** Update SmythOS sre to a version later than 0.0.15. As a temporary workaround, restrict or monitor the use of the `baseURL` argument within the Connector Service to minimize the risk of information disclosure.

**Name of the Vulnerable Software and Affected Versions** coze-studio versions prior to 0.5.2 **Description** A SQL injection issue exists in the `databaseTool` component within the `ExecuteSQL()` function of the `backend/domain/memory/database/service/database impl.go` file. This flaw allows a remote attacker to perform manipulations that result in unauthorized SQL command execution. **Recommendations** Update to a version later than 0.5.1. As a temporary workaround, restrict access to the `ExecuteSQL()` function within the `databaseTool` component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SmythOS sre versions prior to 0.0.16 **Description** Improper authentication can be triggered remotely via the HTTP Header Handler component. Specifically, manipulating the `X-DEBUG-RUN` or `X-DEBUG-INJ` arguments within the `AgentRuntime()` function located in the `packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts` file allows for this issue. **Recommendations** As a temporary workaround, restrict or disable the use of the `X-DEBUG-RUN` and `X-DEBUG-INJ` arguments in the HTTP Header Handler until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sinaptik AI PandasAI versions up to 0.1.4 **Description** A SQL injection issue exists in the `pandasai-lancedb` Extension within Sinaptik AI PandasAI. The issue is located in the file `extensions/ee/vectorstores/lancedb/pandasai lancedb/lancedb.py` and affects the following functions: `delete question and answers`, `delete docs`, `update question answer`, `update docs`, `get relevant question answers by id`, and `get relevant docs by id`. This manipulation can be launched remotely and the exploit is publicly available. **Recommendations** Versions prior to 0.1.4 should be updated. As a temporary workaround, consider restricting access to the `pandasai-lancedb` Extension to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** wandb OpenUI versions up to 1.0 **Description** A cross site scripting issue exists in the file frontend/public/annotator/index.html of the Window Message Event Handler component. This manipulation can be initiated remotely and the exploit has been publicly disclosed. The vendor was contacted regarding this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** wandb OpenUI versions up to 1.0/3.5-turb **Description** A flaw exists in wandb OpenUI that allows information disclosure through error messages. The issue is located in the `generic exception handler` function within the `backend/openui/server.py` file, specifically related to the manipulation of the `key` argument. Local network access is required for exploitation. The exploit has been publicly released. The vendor was notified but did not respond. **Recommendations** Versions prior to 1.0/3.5-turb should be used.

**Name of the Vulnerable Software and Affected Versions** wandb OpenUI versions up to 0.0.0.0/1.0 **Description** A security issue exists in wandb OpenUI related to hard-coded credentials. The manipulation of the `LITELLM MASTER KEY` argument within the file `backend/openui/config.py` can lead to exposure of these credentials. The exploit is publicly available and requires local access to initiate an attack. The vendor was informed of this issue but did not respond. **Recommendations** Versions prior to 0.0.0.0/1.0 should be updated. As a temporary workaround, consider restricting access to the `backend/openui/config.py` file to minimize the risk of exploitation.