CVE-2026-15329
zhayujie CowAgent Browser Tool browser_tool.py BrowserTool._do_navigate information disclosure
CVSS Score
4.3
EPSS Score
0.2%
EPSS Percentile
15th
A vulnerability was found in zhayujie CowAgent up to 2.1.0. This issue affects the function BrowserTool._do_navigate of the file agent/tools/browser/browser_tool.py of the component Browser Tool. Performing a manipulation results in information disclosure. The attack can be initiated remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
| CWE | CWE-200 CWE-284 |
| Vendor | zhayujie |
| Product | cowagent |
| Published | Jul 10, 2026 |
| Last Updated | Jul 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for zhayujie cowagent
Be the first to know when new medium vulnerabilities affecting zhayujie cowagent are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
zhayujie / CowAgent
2.0 2.1.0
References
vuldb.com: https://vuldb.com/vuln/377272 vuldb.com: https://vuldb.com/vuln/377272/cti vuldb.com: https://vuldb.com/cve/CVE-2026-15329 vuldb.com: https://vuldb.com/submit/853098 github.com: https://github.com/zhayujie/CowAgent/issues/2871 github.com: https://github.com/zhayujie/CowAgent/issues/2871#issuecomment-4922534422 github.com: https://github.com/zhayujie/CowAgent/
Credits
๐ Eric-x (VulDB User) VulDB CNA Team