Security Advisories for github.com/Tencent/WeKnora in go
Critical
3 months ago
WeKnora has Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation
go
github.com/Tencent/WeKnora
Critical
3 months ago
WeKnora Vulnerable to Remote Code Execution via SQL Injection Bypass in AI Database Query Tool
go
github.com/Tencent/WeKnora
High
3 months ago
WeKnora has Broken Access Control - Cross-Tenant Data Exposure
go
github.com/Tencent/WeKnora
High
3 months ago
WeKnora has DNS Rebinding Vulnerability in web_fetch Tool that Allows SSRF to Internal Resources
go
github.com/Tencent/WeKnora
Moderate
3 months ago
WeKnora has Unauthorized Cross‑Tenant Knowledge Base Cloning
go
github.com/Tencent/WeKnora
Moderate
3 months ago
WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection
go
github.com/Tencent/WeKnora
Critical
3 months ago
WeKnora Vulnerable to Broken Access Control in Tenant Management
go
github.com/Tencent/WeKnora