No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Sat, 18 Jul 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was determined in zhayujie CowAgent up to 2.1.1. This affects the function WebFetch.execute of the file agent/tools/web_fetch/web_fetch.py. Executing a manipulation of the argument url can lead to server-side request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.1.2 is able to mitigate this issue. This patch is called ea47f3097eed4f8295c4cb3d76ecb97e0f43d632. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. | |
| Title | zhayujie CowAgent web_fetch.py WebFetch.execute server-side request forgery | |
| First Time appeared |
Zhayujie
Zhayujie cowagent |
|
| Weaknesses | CWE-918 | |
| CPEs | cpe:2.3:a:zhayujie:cowagent:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Zhayujie
Zhayujie cowagent |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-18T21:15:10.826Z
Reserved: 2026-07-18T02:37:49.144Z
Link: CVE-2026-16194
No data.
No data.
No data.
OpenCVE Enrichment
No data.