CRITICAL10.0CVE-2026-30861WeKnora has Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation in github.com/Tencent/WeKnora >= 0.2.6, < 0.2.10
CRITICAL10.0CVE-2026-30861WeKnora has Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation in github.com/Tencent/WeKnora >= 0.2.5, < 0.2.10
CRITICAL10.0CVE-2026-30860WeKnora Vulnerable to Remote Code Execution via SQL Injection Bypass in AI Database Query Tool in github.com/Tencent/WeKnora from 0
CRITICAL10.0WeKnora Vulnerable to Remote Code Execution via SQL Injection Bypass in AI Database Query Tool in github.com/Tencent/WeKnora
from 0, < 0.2.12
CRITICAL9.9WeKnora has Command Injection in MCP stdio test in github.com/Tencent/WeKnora
from 0, < 0.2.5
CRITICAL9.9WeKnora has Command Injection in MCP stdio test in github.com/Tencent/WeKnora
from 0, < 0.2.5
CRITICAL9.8WeKnora Vulnerable to Broken Access Control in Tenant Management in github.com/Tencent/WeKnora
from 0, < 0.3.2
CRITICAL9.8WeKnora Vulnerable to Broken Access Control in Tenant Management in github.com/Tencent/WeKnora
from 0, < 0.3.1
HIGH7.5WeKnora has Broken Access Control - Cross-Tenant Data Exposure in github.com/Tencent/WeKnora
from 0, < 0.2.12
HIGH7.5WeKnora has Broken Access Control - Cross-Tenant Data Exposure in github.com/Tencent/WeKnora
from 0
HIGH7.5WeKnora has DNS Rebinding Vulnerability in web_fetch Tool that Allows SSRF to Internal Resources in github.com/Tencent/WeKnora
from 0, < 0.3.0
HIGH7.5WeKnora has DNS Rebinding Vulnerability in web_fetch Tool that Allows SSRF to Internal Resources in github.com/Tencent/WeKnora
from 0
MEDIUM5.9WeKnora has Unauthorized Cross‑Tenant Knowledge Base Cloning in github.com/Tencent/WeKnora
from 0, < 0.3.0
MEDIUM5.9WeKnora has Unauthorized Cross‑Tenant Knowledge Base Cloning in github.com/Tencent/WeKnora
from 0
MEDIUM5.9WeKnora is Vulnerable to SSRF via Redirection in github.com/Tencent/WeKnora
from 0, < 0.2.12
MEDIUM5.9WeKnora is Vulnerable to SSRF via Redirection in github.com/Tencent/WeKnora
from 0, < 0.2.12
MEDIUM5.6WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora
from 0, < 0.2.5
MEDIUM5.6WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora
from 0, < 0.2.5
MEDIUM5.4WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection in github.com/Tencent/WeKnora
from 0
MEDIUM5.4WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection in github.com/Tencent/WeKnora
from 0, < 0.3.0