{"data":{"id":"248fb84f-70d0-4a1a-8190-17b962a53ce8","title":"CVE-2026-6126: A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function","summary":"CVE-2026-6126 is a missing authentication vulnerability in zhayujie chatgpt-on-wechat CowAgent version 2.0.4, affecting an administrative HTTP endpoint (a web-based control interface). An attacker can remotely exploit this flaw without needing valid credentials, and the exploit code has been publicly released.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-6126","publishedAt":"2026-04-12T11:16:16.407Z","cveId":"CVE-2026-6126","cweIds":["CWE-287","CWE-306"],"cvssScore":"7.3","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["chatgpt-on-wechat","CowAgent"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-12T11:16:16.407Z","capecIds":["CAPEC-114","CAPEC-115"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}