{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5998", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-09T12:57:25.375Z", "datePublished": "2026-04-10T01:30:17.358Z", "dateUpdated": "2026-04-10T01:30:17.358Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-10T01:30:17.358Z"}, "title": "zhayujie chatgpt-on-wechat CowAgent API Memory Content Endpoint service.py dispatch path traversal", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "Path Traversal"}]}], "affected": [{"vendor": "zhayujie", "product": "chatgpt-on-wechat CowAgent", "versions": [{"version": "2.0.0", "status": "affected"}, {"version": "2.0.1", "status": "affected"}, {"version": "2.0.2", "status": "affected"}, {"version": "2.0.3", "status": "affected"}, {"version": "2.0.4", "status": "affected"}, {"version": "2.0.5", "status": "unaffected"}], "modules": ["API Memory Content Endpoint"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the function dispatch of the file agent/memory/service.py of the component API Memory Content Endpoint. This manipulation of the argument filename causes path traversal. The attack can be initiated remotely. The exploit has been published and may be used. Upgrading to version 2.0.5 mitigates this issue. Patch name: 174ee0cafc9e8e9d97a23c305418251485b8aa89. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-04-09T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-09T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-09T15:02:29.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Yu_Bao (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/356552", "name": "VDB-356552 | zhayujie chatgpt-on-wechat CowAgent API Memory Content Endpoint service.py dispatch path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/356552/cti", "name": "VDB-356552 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/793558", "name": "Submit #793558 | zhayujie chatgpt-on-wechat (CowAgent) 2.0.4 Path Traversal Leading to Arbitrary File Read", "tags": ["third-party-advisory"]}, {"url": "https://github.com/zhayujie/chatgpt-on-wechat/issues/2734", "tags": ["issue-tracking"]}, {"url": "https://github.com/zhayujie/chatgpt-on-wechat/issues/2734#issue-4178013778", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/zhayujie/chatgpt-on-wechat/commit/174ee0cafc9e8e9d97a23c305418251485b8aa89", "tags": ["patch"]}, {"url": "https://github.com/zhayujie/chatgpt-on-wechat/releases/tag/2.0.5", "tags": ["patch"]}], "tags": ["x_open-source"]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the function dispatch of the file agent/memory/service.py of the component API Memory Content Endpoint. This manipulation of the argument filename causes path traversal. The attack can be initiated remotely. The exploit has been published and may be used. Upgrading to version 2.0.5 mitigates this issue. Patch name: 174ee0cafc9e8e9d97a23c305418251485b8aa89. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "id": "CVE-2026-5998", "lastModified": "2026-04-10T02:16:04.460", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-10T02:16:04.460", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/zhayujie/chatgpt-on-wechat/commit/174ee0cafc9e8e9d97a23c305418251485b8aa89"}, {"source": "cna@vuldb.com", "url": "https://github.com/zhayujie/chatgpt-on-wechat/issues/2734"}, {"source": "cna@vuldb.com", "url": "https://github.com/zhayujie/chatgpt-on-wechat/issues/2734#issue-4178013778"}, {"source": "cna@vuldb.com", "url": "https://github.com/zhayujie/chatgpt-on-wechat/releases/tag/2.0.5"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/793558"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/356552"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/356552/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.0.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.0.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.0.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.0.4"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "2.0.5"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "chatgpt-on-wechat CowAgent", "source": "cna", "vendor": "zhayujie"}, "product": "chatgpt-on-wechat_cowagent", "vendor": "zhayujie"}], "analysis": {"en": {"generated_at": "2026-04-10T02:20:16.439249+00:00", "value": {"mitigation_remediation": ["Verify the current CowAgent release; if it is 2.0.4 or earlier, schedule an update immediately.", "Download the 2.0.5 release from the vendor\u2019s official GitHub releases page and apply the patch (commit 174ee0cafc9e8e9d97a23c305418251485b8aa89).", "Restart the application and confirm the path traversal check is active; test with a non\u2011existent filename to ensure the response is constrained.", "Monitor application logs for unexpected file access attempts and review network traffic for suspicious API calls.", "Enforce firewall or network segmentation to limit external reach to the CowAgent API if it is not required for business operations.", "Conduct a post\u2011patch vulnerability scan or use a unit test that attempts path traversal to verify the issue is fully resolved."], "summary": {"action": "Immediate Patch", "impact": "Remote Path Traversal granting unauthorized file access and possible code execution"}, "threat_synthesis": {"affected_systems": "This issue affects zhayujie chatgpt\u2011on\u2011wechat CowAgent versions up to and including 2.0.4. Versions 2.0.5 and later contain the vendor\u2011supplied fix (commit 174ee0cafc9e8e9d97a23c305418251485b8aa89). The vulnerability was publicly disclosed via GitHub commits and issue discussions, making it readily available to attackers using the exposed API endpoint.", "description_and_impact": "The flaw resides in the dispatch routine of the API Memory Content Endpoint in CowAgent, where an attacker can manipulate the filename argument to perform directory traversal. This vulnerability can enable an adversary to read arbitrary files on the host and, in some contexts, execute code if executable files can be accessed, as classified under CWE-22. The associated CVSS score of 6.9 indicates a moderate to high severity for confidentiality, integrity, and availability concerns.", "risk_and_exploitability": "The CVSS rating signals that an attacker can read arbitrary files with moderate effort. Although no EPSS score is reported, the existence of a published exploit and the remote nature of the attack vector increase the risk. The CVE is not listed in the CISA KEV catalog, suggesting it is not yet a widespread or highly publicized attack, yet the presence of an actively discussed exploit on open\u2011source platforms warrants vigilance. Remote exploitation is achievable by sending a crafted request to the vulnerable endpoint, requiring only network access to the service."}}}}, "created": "2026-04-10T08:36:04.821195+00:00", "updated": "2026-04-10T09:27:05.290426+00:00", "vendors": ["zhayujie", "zhayujie$PRODUCT$chatgpt-on-wechat_cowagent"]}