Github.com/tencent/weknora

This hub aggregates every CVE we track for Github.com/tencent/weknora, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 10 most recently published vulnerabilities affecting Github.com/tencent/weknora.

• CVE-2026-30861WeKnora: Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation9.9Mar 7, 2026
• CVE-2026-30860WeKnora: Remote Code Execution via SQL Injection Bypass in AI Database Query Tool9.9Mar 7, 2026
• CVE-2026-30859WeKnora: Broken Access Control - Cross-Tenant Data Exposure5.3Mar 7, 2026
• CVE-2026-30858WeKnora: DNS Rebinding Vulnerability in web_fetch Tool Allows SSRF to Internal Resources6.5Mar 7, 2026
• CVE-2026-30857WeKnora: Unauthorized Cross‑Tenant Knowledge Base Cloning5.3Mar 7, 2026
• CVE-2026-30856WeKnora: Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection5.9Mar 7, 2026
• CVE-2026-30855WeKnora: Broken Access Control in Tenant Management8.8Mar 7, 2026
• CVE-2026-30247WeKnora: SSRF via Redirection5.9Mar 7, 2026
• CVE-2026-22688WeKnora has Command Injection in MCP stdio test9.9Jan 10, 2026
• CVE-2026-22687WeKnora vulnerable to SQL Injection5.6Jan 10, 2026