Hkuds Vibe-trading

4 CVEs affecting Hkuds Vibe-trading. Latest disclosed: 2026-06-30. Critical: 0, High: 2.

Top CVEs affecting Hkuds Vibe-trading
CVESeverityScorePublishedSummary
CVE-2026-58170High8.32026-06-30Vibe-Trading before 0.1.10 builds the proposal file path by joining a caller-supplied proposal identifier onto the broker proposals directory without sanitizat…
CVE-2026-58169High7.52026-06-30Vibe-Trading before 0.1.10 contains a DNS rebinding authentication bypass vulnerability that allows remote attackers to bypass bearer-token authentication by e…
CVE-2026-58173Medium6.52026-06-30Vibe-Trading before 0.1.10 contains a path traversal vulnerability that allows attackers to write files outside the intended memory root directory by supplying…
CVE-2026-58171Medium4.22026-06-30Vibe-Trading before 0.1.10 constructs the swarm run directory by joining a caller-supplied run identifier onto the runs base directory without validation in ru…