Affected by GO-2026-4637 and 4 other vulnerabilities

GO-2026-4637: WeKnora has Broken Access Control - Cross-Tenant Data Exposure in github.com/Tencent/WeKnora

GO-2026-4638: WeKnora Vulnerable to Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection in github.com/Tencent/WeKnora

GO-2026-4640: WeKnora has Unauthorized Cross‑Tenant Knowledge Base Cloning in github.com/Tencent/WeKnora

GO-2026-4641: WeKnora Vulnerable to Remote Code Execution via SQL Injection Bypass in AI Database Query Tool in github.com/Tencent/WeKnora

GO-2026-4643: WeKnora has DNS Rebinding Vulnerability in web_fetch Tool that Allows SSRF to Internal Resources in github.com/Tencent/WeKnora

service

package

v0.3.3 Latest Latest Go to latest Published: Mar 5, 2026 License: UNKNOWN not legal advice Imports: 69 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Tencent/WeKnora

Links

Open Source Insights

Documentation not displayed due to license restrictions.

See our license policy.

Directories ¶

Path	Synopsis
chat_pipline
file
llmcontext
memory
metric
retriever
web_search

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL