{"data":{"id":"1a19b176-8cb4-4cee-a545-b4915cb006c7","title":"CVE-2026-6129: A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the","summary":"A vulnerability (CVE-2026-6129) was found in the CowAgent component of zhayujie's chatgpt-on-wechat software up to version 2.0.4, where missing authentication (failure to verify user identity) in the Agent Mode Service allows attackers to perform unauthorized actions remotely. The exploit is publicly available and the developers have not yet responded to the initial report of the problem.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-6129","publishedAt":"2026-04-12T20:16:19.227Z","cveId":"CVE-2026-6129","cweIds":["CWE-287","CWE-306"],"cvssScore":"7.3","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["chatgpt-on-wechat","CowAgent"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-12T20:16:19.227Z","capecIds":["CAPEC-114","CAPEC-115"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","confidentiality"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}