York Shen

**Name of the Vulnerable Software and Affected Versions** logback-core versions prior to 1.5.34 **Description** Deserialization of untrusted data in the `HardenedObjectInputStream` module allows for Object Injection, although the impact is heavily restricted. An attacker capable of influencing serialized data sent to the 'SimpleSocketServer' or 'SimpleSSLSocketServer' endpoints can instantiate Proxy objects. This issue represents a bypass of intended security restrictions, though no practical method for remote code execution or significant privilege escalation has been identified. **Recommendations** Update to a version later than 1.5.33.

**Name of the Vulnerable Software and Affected Versions** logback versions prior to 1.5.33 **Description** Deserialization of untrusted data in the `HardenedObjectInputStream` module of logback-core allows for restricted Object Injection. An attacker capable of influencing serialized data sent to the 'SimpleSocketServer' or 'SimpleSSLSocketServer' endpoints can instantiate objects from the `java.lang` and `java.util` packages that are not explicitly blocked. This issue represents a bypass of intended security restrictions, although no practical method for remote code execution or significant privilege escalation has been identified. **Recommendations** Update to a version later than 1.5.32.

**Name of the Vulnerable Software and Affected Versions** MiroFish versions prior to 0.1.2 **Description** Command injection is possible via the Inter-Process Communication component. The issue exists in the `SimulationIPCClient.send command()` function within the `backend/app/services/simulation ipc.py` file, allowing a remote attacker to execute arbitrary commands. **Recommendations** As a temporary workaround, consider restricting the use of the `SimulationIPCClient.send command()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MiroFish versions prior to 0.1.2 **Description** A path traversal issue exists in the Query Parameter Handler component within the `get simulation posts()` function of the `backend/app/api/simulation.py` file. A remote attacker can trigger this by manipulating the `Platform` argument. Path traversal is a technique that allows an attacker to access files and directories that are stored outside the web root folder. **Recommendations** Update to a version later than 0.1.2. As a temporary workaround, restrict or validate the input of the `Platform` argument used in the `get simulation posts()` function.

**Name of the Vulnerable Software and Affected Versions** vanna-ai vanna versions prior to 2.0.3 **Description** An improper authorization issue exists within the Legacy Flask API component. This flaw allows a remote attacker to bypass authorization mechanisms through the manipulation of an unknown function. **Recommendations** Update to a version later than 2.0.2. As a temporary workaround, restrict access to the Legacy Flask API component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** zhatujie chatgpt-on-wechat CowAgent versions up to 2.0.4 **Description** A flaw exists in the Agent Mode Service component of zhayujie chatgpt-on-wechat CowAgent up to version 2.0.4, allowing for missing authentication. This issue can be exploited remotely through a manipulation. The exploit is publicly available. The project was notified of the issue but has not yet responded. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.