Filtered by vendor Tencent
Subscribe
Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-30247 | 1 Tencent | 1 Weknora | 2026-03-11 | N/A | 5.9 MEDIUM |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, the application's "Import document via URL" feature is vulnerable to Server-Side Request Forgery (SSRF) through HTTP redirects. While the backend implements comprehensive URL validation (blocking private IPs, loopback addresses, reserved hostnames, and cloud metadata endpoints), it fails to validate redirect targets. An attacker can bypass all protections by using a redirect chain, forcing the server to access internal services. Additionally, Docker-specific internal addresses like host.docker.internal are not blocked. This issue has been patched in version 0.2.12. | |||||
| CVE-2026-30861 | 1 Tencent | 1 Weknora | 2026-03-09 | N/A | 9.9 CRITICAL |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. From version 0.2.5 to before version 0.2.10, an unauthenticated remote code execution (RCE) vulnerability exists in the MCP stdio configuration validation. The application allows unrestricted user registration, meaning any attacker can create an account and exploit the command injection flaw. Despite implementing a whitelist for allowed commands (npx, uvx) and blacklists for dangerous arguments and environment variables, the validation can be bypassed using the -p flag with npx node. This allows any attacker to execute arbitrary commands with the application's privileges, leading to complete system compromise. This issue has been patched in version 0.2.10. | |||||
| CVE-2026-30860 | 1 Tencent | 1 Weknora | 2026-03-09 | N/A | 9.9 CRITICAL |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's database query functionality. The validation system fails to recursively inspect child nodes within PostgreSQL array expressions and row expressions, allowing attackers to bypass SQL injection protections. By smuggling dangerous PostgreSQL functions inside these expressions and chaining them with large object operations and library loading capabilities, an unauthenticated attacker can achieve arbitrary code execution on the database server with database user privileges. This issue has been patched in version 0.2.12. | |||||
| CVE-2026-30859 | 1 Tencent | 1 Weknora | 2026-03-09 | N/A | 5.3 MEDIUM |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a broken access control vulnerability in the database query tool allows any authenticated tenant to read sensitive data belonging to other tenants, including API keys, model configurations, and private messages. The application fails to enforce tenant isolation on critical tables (models, messages, embeddings), enabling unauthorized cross-tenant data access with user-level authentication privileges. This issue has been patched in version 0.2.12. | |||||
| CVE-2026-30858 | 1 Tencent | 1 Weknora | 2026-03-09 | N/A | 6.5 MEDIUM |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a DNS rebinding vulnerability in the web_fetch tool allows an unauthenticated attacker to bypass URL validation and access internal resources on the server, including private IP addresses (e.g., 127.0.0.1, 192.168.x.x). By crafting a malicious domain that resolves to a public IP during validation and subsequently resolves to a private IP during execution, an attacker can access sensitive local services and potentially exfiltrate data. This issue has been patched in version 0.3.0. | |||||
| CVE-2026-30857 | 1 Tencent | 1 Weknora | 2026-03-09 | N/A | 5.3 MEDIUM |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a cross-tenant authorization bypass in the knowledge base copy endpoint allows any authenticated user to clone (duplicate) another tenant’s knowledge base into their own tenant by knowing/guessing the source knowledge base ID. This enables bulk data exfiltration (document/FAQ content) across tenants. This issue has been patched in version 0.3.0. | |||||
| CVE-2026-30855 | 1 Tencent | 1 Weknora | 2026-03-09 | N/A | 8.8 HIGH |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This enables cross-tenant account takeover and destruction, making the impact critical. This issue has been patched in version 0.3.2. | |||||
| CVE-2026-22687 | 1 Tencent | 1 Weknora | 2026-03-06 | N/A | 5.6 MEDIUM |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, after WeKnora enables the Agent service, it allows users to call the database query tool. Due to insufficient backend validation, an attacker can use prompt‑based bypass techniques to evade query restrictions and obtain sensitive information from the target server and database. This issue has been patched in version 0.2.5. | |||||
| CVE-2025-63945 | 1 Tencent | 1 Ioa | 2026-02-26 | N/A | 7.4 HIGH |
| A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. | |||||
| CVE-2025-63946 | 1 Tencent | 1 Pcmanager | 2026-02-26 | N/A | 7.4 HIGH |
| A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. | |||||
| CVE-2025-56230 | 1 Tencent | 1 Docs | 2026-02-10 | N/A | 7.5 HIGH |
| Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component. | |||||
| CVE-2026-22688 | 1 Tencent | 1 Weknora | 2026-01-22 | N/A | 9.9 CRITICAL |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, there is a command injection vulnerability that allows authenticated users to inject stdio_config.command/args into MCP stdio settings, causing the server to execute subprocesses using these injected values. This issue has been patched in version 0.2.5. | |||||
| CVE-2025-13709 | 1 Tencent | 1 Tface | 2026-01-12 | N/A | 7.8 HIGH |
| Tencent TFace restore_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent TFace. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the restore_checkpoint function. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27185. | |||||
| CVE-2025-13711 | 1 Tencent | 1 Tface | 2026-01-12 | N/A | 7.8 HIGH |
| Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent TFace. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the eval endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27187. | |||||
| CVE-2024-40433 | 1 Tencent | 1 Wechat | 2025-10-10 | N/A | 8.8 HIGH |
| Insecure Permissions vulnerability in Tencent wechat v.8.0.37 allows an attacker to escalate privileges via the web-view component. | |||||
| CVE-2025-11046 | 1 Tencent | 1 Weknora | 2025-10-07 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be exploited. It is advisable to upgrade the affected component. The vendor responds: "We have confirmed that the issue mentioned in the report does not exist in the latest releases". | |||||
| CVE-2024-34408 | 1 Tencent | 1 Libpag | 2025-09-19 | N/A | 5.3 MEDIUM |
| Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file. | |||||
| CVE-2024-33078 | 1 Tencent | 1 Libpag | 2025-09-15 | N/A | 9.8 CRITICAL |
| Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution. | |||||
| CVE-2024-22873 | 1 Tencent | 1 Blueking Configuration Management Database | 2025-06-09 | N/A | 8.1 HIGH |
| Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery (SSRF) via the event subscription function (/service/subscription.go). This vulnerability allows attackers to access internal requests via a crafted POST request. | |||||
| CVE-2011-4867 | 2 Android, Tencent | 2 Android, Qqpphoto | 2025-04-11 | 5.8 MEDIUM | N/A |
| The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a password hash via a crafted application. | |||||