CVE-2026-4959

HIGH

OpenBMB XAgent ShareServer WebSocket Endpoint share.py check_user missing authentication

Title source: cna

Description

A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function check_user of the file XAgentServer/application/websockets/share.py of the component ShareServer WebSocket Endpoint. Performing a manipulation of the argument interaction_id results in missing authentication. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (4)

Core 4

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-353836 | OpenBMB XAgent ShareServer WebSocket Endpoint share.py check_user missing authentication

https://vuldb.com/?id.353836

Signature, Permissions Required signature permissions-required

VDB-353836 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/?ctiid.353836

Third Party Advisory third-party-advisory

Submit #777622 | OpenBMB XAgent v1.0.0 CWE-306

https://vuldb.com/?submit.777622

Exploit exploit

https://gist.github.com/YLChen-007/531ec6b169f4b9ecbc8c2f0b2cd7c5ee

Scores

CVSS v3 7.3

EPSS 0.0043

EPSS Percentile 34.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-287 CWE-306

Status published

Products (2)

openbmb/xagent 1.0.0

OpenBMB/XAgent 1.0.0

Published Mar 27, 2026

Tracked Since Mar 29, 2026