Description
Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the web_fetch tool that allows remote attackers to reach internal or private network hosts by supplying a URL that redirects to a loopback or private address via a 3xx Location header. Attackers can exploit the automatic HTTP redirect following behavior in the httpx library to bypass initial URL validation and cause the runtime to send outbound requests to internal hosts before final resolved URL validation is applied.
Published: 2026-06-01
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Nanobot, before version 0.2.1, contains a server‑side request forgery flaw in the web_fetch tool that allows attackers to reach internal or private network hosts by supplying a URL that redirects to a loopback or private address via a 3xx Location header. The attacker takes advantage of the httpx library’s automatic HTTP redirect following, which bypasses initial URL validation and causes the runtime to send outbound requests to internal hosts before final resolved‑URL validation is applied. Based on the description, it is inferred that this flaw could be used to exfiltrate data or communicate with services that are otherwise inaccessible from the Internet, resulting in potential compromise of internal resources.

Affected Systems

Impact applies to the HKUDS Nanobot tool, specifically any release earlier than 0.2.1. No other vendor or product versions are listed.

Risk and Exploitability

The CVSS score of 5.3 indicates a moderate severity, and the EPSS score is not available. Because the vulnerability is remotely exploitable over HTTP and requires only a crafted request, it can be inferred that the likelihood of exploitation is significant for attackers who target exposed instances of Nanobot. The flaw is not listed in the CISA KEV catalog, but it can still be leveraged to gain internal network access.

Generated by OpenCVE AI on June 1, 2026 at 21:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Nanobot to version 0.2.1 or later to eliminate the SSRF vulnerability.
  • Restrict the web_fetch tool to use only whitelisted, trusted URLs or disable its redirect following feature.
  • Implement network segmentation or firewall rules that block outbound traffic from Nanobot to internal loopback or private address ranges.

Generated by OpenCVE AI on June 1, 2026 at 21:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 02 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 01 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Hkuds
Hkuds nanobot
Vendors & Products Hkuds
Hkuds nanobot

Mon, 01 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Description Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the web_fetch tool that allows remote attackers to reach internal or private network hosts by supplying a URL that redirects to a loopback or private address via a 3xx Location header. Attackers can exploit the automatic HTTP redirect following behavior in the httpx library to bypass initial URL validation and cause the runtime to send outbound requests to internal hosts before final resolved URL validation is applied.
Title Nanobot < 0.2.1 SSRF via web_fetch Tool Redirect Following
Weaknesses CWE-918
References
Metrics cvssV3_1

{'score': 5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N'}

Subscriptions

Hkuds Nanobot
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-02T12:24:18.160Z

Reserved: 2026-05-27T17:40:12.738Z

Link: CVE-2026-49138

cve-icon Vulnrichment

Updated: 2026-06-02T12:23:22.617Z

cve-icon NVD

Status : Deferred

Published: 2026-06-01T21:16:46.760

Modified: 2026-06-02T14:43:49.920

Link: CVE-2026-49138

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-01T21:45:22Z

Weaknesses