Description
A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the function dispatch of the file agent/memory/service.py of the component API Memory Content Endpoint. This manipulation of the argument filename causes path traversal. The attack can be initiated remotely. The exploit has been published and may be used. Upgrading to version 2.0.5 mitigates this issue. Patch name: 174ee0cafc9e8e9d97a23c305418251485b8aa89. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Published: 2026-04-10
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote path traversal allowing unauthorized file reads (confidentiality only; the scored vectors record no integrity or availability impact)
Action: Immediate Patch
AI Analysis

Impact

The flaw is in the dispatch routine of the API Memory Content Endpoint (agent/memory/service.py): the filename argument is used to build a filesystem path without being confined to the memory directory, so a remote caller can supply sequences such as ../ and read files outside it (CWE-22). The scored impact is confidentiality only. The CVSS 4.0 vector (VC:L/VI:N/VA:N) records low confidentiality impact and no integrity or availability impact, which is what the 6.9 Medium score reflects; the 3.x vectors say the same (C:L/I:N/A:N). Code execution is not part of the advisory's finding. What an attacker can actually read depends on which files are accessible to the account the service runs under, so the practical severity is higher on hosts where credentials or configuration sit in readable files.
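The pattern behind this class of bug, and the check the fix needs, as an added example (this is illustrative code, not chatgpt-on-wechat's own service.py or its patch). It models a memory-content lookup that takes a client-supplied filename; the directory layout, function names and probe payloads are assumptions. The naive resolver shows why os.path.join alone is unsafe, and the hardened one canonicalises the candidate path, which also catches symlinks that point outside the directory, something a purely lexical normpath check misses.

```python
import os
import tempfile
from pathlib import Path

# Added example, not code from chatgpt-on-wechat. It models a "memory content"
# lookup that takes a client-supplied filename; the directory layout, function
# names and the probe payloads below are assumptions for illustration.


class TraversalError(ValueError):
    """Client-supplied filename would leave the memory directory."""


def resolve_vulnerable(memory_dir: str, filename: str) -> str:
    # Naive join: "../" segments walk upward, and an absolute filename
    # replaces memory_dir entirely (os.path.join discards earlier parts).
    return os.path.join(memory_dir, filename)


def resolve_hardened(memory_dir: str, filename: str) -> str:
    base = Path(memory_dir).resolve()
    # Reject NUL bytes and absolute names up front (startswith("/") covers
    # Python versions where os.path.isabs("/x") is False on Windows).
    if "\x00" in filename or os.path.isabs(filename) or filename.startswith("/"):
        raise TraversalError(filename)
    # resolve() canonicalises ".." AND follows symlinks, so a link inside
    # memory_dir that points outside is caught too; os.path.normpath() alone
    # is lexical and would not catch that case.
    candidate = (base / filename).resolve()
    if base not in candidate.parents:
        raise TraversalError(filename)
    return str(candidate)


# Constructed probe inputs: the first three must be rejected, the last two
# are legitimate names (a backslash is an ordinary character on POSIX).
TRAVERSAL_PAYLOADS = [
    "../../../../etc/passwd",
    "/etc/passwd",
    "notes/../../secret.txt",
    "..\\..\\windows\\win.ini",
    "2026-04-10.md",
]


def escaped_payloads(resolver, memory_dir, payloads=TRAVERSAL_PAYLOADS):
    """Return the payloads for which resolver yields a path outside memory_dir."""
    base = Path(memory_dir).resolve()
    escaped = []
    for name in payloads:
        try:
            target = Path(resolver(memory_dir, name)).resolve()
        except TraversalError:
            continue
        if base not in target.parents:
            escaped.append(name)
    return escaped


def run_demo():
    """Compare both resolvers in a scratch directory; returns (vulnerable, hardened) escapes."""
    memory_dir = tempfile.mkdtemp(prefix="memory_")
    payloads = list(TRAVERSAL_PAYLOADS)
    try:
        # A symlink inside the memory directory pointing at its parent:
        # lexically inside, physically outside.
        os.symlink(os.path.dirname(memory_dir), os.path.join(memory_dir, "link"))
        payloads.append("link/outside.txt")
    except OSError:
        pass  # symlinks unavailable (e.g. unprivileged Windows); skip that case
    return (escaped_payloads(resolve_vulnerable, memory_dir, payloads),
            escaped_payloads(resolve_hardened, memory_dir, payloads))


if __name__ == "__main__":
    vuln, hard = run_demo()
    print("vulnerable resolver let through:", vuln)
    print("hardened resolver let through:", hard)
```

The hardened version deliberately compares resolved paths rather than strings: a check like `"../" not in filename` is bypassable by URL-encoded or absolute inputs, and a `startswith(memory_dir)` string check lets `/srv/memory_backup` pass for a base of `/srv/memory`.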

Affected Systems

This issue affects zhayujie chatgpt‑on‑wechat CowAgent versions up to and including 2.0.4. Versions 2.0.5 and later contain the vendor‑supplied fix (commit 174ee0cafc9e8e9d97a23c305418251485b8aa89). The advisory states that an exploit has been published, so any instance whose API endpoint is reachable by untrusted clients should be treated as exposed.

Risk and Exploitability

The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) describes an unauthenticated network attacker with no preconditions, so the effort required is low, not moderate; the impact is confined to confidentiality (VC:L). EPSS is below 1%, but a published exploit and the trivial attack vector raise the practical risk for any internet‑exposed instance. The CVE is not in the CISA KEV catalog, so there is no confirmed in‑the‑wild exploitation yet; the SSVC assessment recorded in the history below (Exploitation: poc, Automatable: yes) reflects that a proof of concept exists and that the attack can be scripted. Exploitation requires only a crafted request to the vulnerable endpoint with a traversal sequence in the filename parameter.

Generated by OpenCVE AI on April 10, 2026 at 02:20 UTC.

Remediation

Vendor fix: upgrade to CowAgent 2.0.5 or later (commit 174ee0cafc9e8e9d97a23c305418251485b8aa89). No separate workaround is listed in the advisory; restricting network access to the API reduces exposure until the upgrade is applied.

OpenCVE Recommended Actions

  • Verify the installed CowAgent version; if it is 2.0.4 or earlier, schedule an update immediately.
  • Upgrade to the 2.0.5 release from the vendor’s official GitHub releases page (the fix is commit 174ee0cafc9e8e9d97a23c305418251485b8aa89); do not cherry‑pick the commit onto an older tree unless you can also verify it applies cleanly.
  • Restart the application and confirm the fix is active: request the memory content endpoint with a traversal filename (for example ../../etc/passwd, and its URL‑encoded form) and confirm the service refuses it rather than returning file content.
  • Monitor application and reverse‑proxy logs for requests whose filename parameter contains ../ or an absolute path, including percent‑encoded variants, and review which of those returned a success status before the patch was applied.
  • Enforce firewall or network segmentation to limit external reach to the CowAgent API if it is not required for business operations.
  • Conduct a post‑patch vulnerability scan, or add a unit test that feeds traversal filenames to the resolver, to verify the issue is fully resolved and stays resolved.
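For the log‑monitoring step above, an added example (not from the page or the project) that scans access‑log lines for traversal attempts against the endpoint. The route /api/memory/content and the parameter name filename are assumptions standing in for the real endpoint, and the log lines are constructed. It decodes repeated percent‑encoding, since double encoding is a common way to slip past naive filters, and reports the response status so you can tell attempts that succeeded from ones the patch rejected.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Added example, not part of the OpenCVE page or chatgpt-on-wechat. The route,
# parameter name and every log line here are constructed for illustration.

SAMPLE_LOG = """\
203.0.113.7 - - [10/Apr/2026:03:12:01 +0000] "GET /api/memory/content?filename=2026-04-09.md HTTP/1.1" 200 812
203.0.113.7 - - [10/Apr/2026:03:12:05 +0000] "GET /api/memory/content?filename=../../../../etc/passwd HTTP/1.1" 200 2341
198.51.100.2 - - [10/Apr/2026:03:13:10 +0000] "GET /api/memory/content?filename=..%2F..%2Fconfig.json HTTP/1.1" 200 1902
198.51.100.2 - - [10/Apr/2026:03:13:12 +0000] "GET /api/memory/content?filename=%252e%252e%252fconfig.json HTTP/1.1" 404 0
192.0.2.9 - - [10/Apr/2026:03:14:00 +0000] "GET /api/memory/content?filename=%2Fetc%2Fshadow HTTP/1.1" 403 0
192.0.2.9 - - [10/Apr/2026:03:15:00 +0000] "GET /healthz HTTP/1.1" 200 2
"""

# Common/combined log format: client, identd, user, [timestamp], "request", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def decode_fully(value, rounds=3):
    """Undo repeated percent-encoding; %252e -> %2e -> '.' is a classic bypass."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(name):
    """True if the (decoded) name is absolute or contains a '..' path segment."""
    norm = decode_fully(name).replace("\\", "/")
    return norm.startswith("/") or ".." in norm.split("/")


def find_traversal_requests(log_text, route="/api/memory/content", param="filename"):
    """Return one record per request that carried a traversal filename to the route."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        match = LOG_RE.match(line)
        if not match:
            continue  # not a request line we understand; skip rather than crash
        url = urlsplit(match.group("target"))
        if url.path != route:
            continue
        # parse_qs already decodes one layer; decode_fully handles the rest.
        for raw in parse_qs(url.query, keep_blank_values=True).get(param, []):
            if is_traversal(raw):
                hits.append({
                    "line": lineno,
                    "ip": match.group("ip"),
                    "status": int(match.group("status")),
                    "filename": decode_fully(raw),
                })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_requests(SAMPLE_LOG):
        verdict = "SERVED" if hit["status"] == 200 else "rejected"
        print(f"line {hit['line']}: {hit['ip']} -> {hit['filename']!r} ({hit['status']}, {verdict})")
```

A 200 with a non‑zero body on a traversal request after the upgrade means the fix is not in effect on that instance; the same pattern in logs from before the upgrade is the starting point for deciding which files may have been read.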


Advisories

No advisories yet.

History

Fri, 10 Apr 2026 16:15:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 10 Apr 2026 09:00:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Zhayujie; Zhayujie chatgpt-on-wechat Cowagent

Type: Vendors & Products
Values Removed: (none)
Values Added: Zhayujie; Zhayujie chatgpt-on-wechat Cowagent

Fri, 10 Apr 2026 01:45:00 +0000

Type: Description
Values Removed: (none)
Values Added: (the advisory description shown at the top of this page)

Type: Title
Values Removed: (none)
Values Added: zhayujie chatgpt-on-wechat CowAgent API Memory Content Endpoint service.py dispatch path traversal

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-22

Type: References
Values Removed: (none)
Values Added: (none listed)

Type: Metrics
Values Removed: (none)
Values Added:
  cvssV2_0 {'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C'}
  cvssV3_0 {'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C'}
  cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C'}
  cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-10T15:54:44.452Z

Reserved: 2026-04-09T12:57:25.375Z

Link: CVE-2026-5998

Vulnrichment

Updated: 2026-04-10T15:51:11.447Z

NVD

Status: Deferred

Published: 2026-04-10T02:16:04.460

Modified: 2026-04-24T18:01:58.517

Link: CVE-2026-5998

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-04-10T09:27:05Z

Weaknesses