CVE-2026-5585

Tencent AI-Infra-Guard Task Detail Endpoint task_manager.go information disclosure

CVSS 6.9 MEDIUMEPSS 0.6%CWE-200 CWE-284

A vulnerability was found in Tencent AI-Infra-Guard 4.0. The affected element is an unknown function of the file common/websocket/task_manager.go of the component Task Detail Endpoint. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Productos afectados

Tencent · AI-Infra-Guard

PoCs públicas encontradas — 1

cve_referencegist.github.com/YLChen-007/fe4b834144ad535d167507c2008d4011no verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://gist.github.com/YLChen-007/fe4b834144ad535d167507c2008d4011 https://vuldb.com/submit/784198 https://vuldb.com/vuln/355384 https://vuldb.com/vuln/355384/cti