Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    8 vulnerabilities by bytedesk

    CVE-2026-3789 (GCVE-0-2026-3789)

    Vulnerability from nvd – Published: 2026-03-08 23:32 – Updated: 2026-03-10 20:27 X_Open Source
    VLAI
    Title
    Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery
    Summary
    A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl results in server-side request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.4.5.4 is able to address this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is advised.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery
    Assigner
    Impacted products
    Vendor Product Version
    n/a Bytedesk Affected: 1.3.0
    Affected: 1.3.1
    Affected: 1.3.2
    Affected: 1.3.3
    Affected: 1.3.4
    Affected: 1.3.5
    Affected: 1.3.6
    Affected: 1.3.7
    Affected: 1.3.8
    Affected: 1.3.9
    Unaffected: 1.4.5.4
    Credits
    ZAST.AI (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3789",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-10T20:27:24.171900Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-10T20:27:30.912Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SpringAIGiteeRestController"
              ],
              "product": "Bytedesk",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.3"
                },
                {
                  "status": "affected",
                  "version": "1.3.4"
                },
                {
                  "status": "affected",
                  "version": "1.3.5"
                },
                {
                  "status": "affected",
                  "version": "1.3.6"
                },
                {
                  "status": "affected",
                  "version": "1.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.3.8"
                },
                {
                  "status": "affected",
                  "version": "1.3.9"
                },
                {
                  "status": "unaffected",
                  "version": "1.4.5.4"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ZAST.AI (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl results in server-side request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.4.5.4 is able to address this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is advised."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-08T23:32:10.815Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-349756 | Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.349756"
            },
            {
              "name": "VDB-349756 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.349756"
            },
            {
              "name": "Submit #768044 | Bytedesk \u003c=1.3.9 SSRF",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.768044"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/21"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/21#issuecomment-3976672522"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/21#issue-3993531226"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.4"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-08T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-08T08:25:59.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3789",
        "datePublished": "2026-03-08T23:32:10.815Z",
        "dateReserved": "2026-03-08T07:20:34.086Z",
        "dateUpdated": "2026-03-10T20:27:30.912Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3788 (GCVE-0-2026-3788)

    Vulnerability from nvd – Published: 2026-03-08 23:32 – Updated: 2026-03-10 20:24 X_Open Source
    VLAI
    Title
    Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery
    Summary
    A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of the argument apiUrl leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.4.5.4 will fix this issue. The name of the patch is 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery
    Assigner
    Impacted products
    Vendor Product Version
    n/a Bytedesk Affected: 1.3.0
    Affected: 1.3.1
    Affected: 1.3.2
    Affected: 1.3.3
    Affected: 1.3.4
    Affected: 1.3.5
    Affected: 1.3.6
    Affected: 1.3.7
    Affected: 1.3.8
    Affected: 1.3.9
    Unaffected: 1.4.5.4
    Credits
    ZAST.AI (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3788",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-10T20:24:11.426508Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-10T20:24:19.510Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SpringAIOpenrouterRestController"
              ],
              "product": "Bytedesk",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.3"
                },
                {
                  "status": "affected",
                  "version": "1.3.4"
                },
                {
                  "status": "affected",
                  "version": "1.3.5"
                },
                {
                  "status": "affected",
                  "version": "1.3.6"
                },
                {
                  "status": "affected",
                  "version": "1.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.3.8"
                },
                {
                  "status": "affected",
                  "version": "1.3.9"
                },
                {
                  "status": "unaffected",
                  "version": "1.4.5.4"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ZAST.AI (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of the argument apiUrl leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.4.5.4 will fix this issue. The name of the patch is 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-08T23:32:08.523Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-349755 | Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.349755"
            },
            {
              "name": "VDB-349755 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.349755"
            },
            {
              "name": "Submit #768043 | Bytedesk \u003c=1.3.9 SSRF",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.768043"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/20"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/20#issuecomment-3976672715"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/20#issue-3993526693"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.4"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-08T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-08T08:25:50.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3788",
        "datePublished": "2026-03-08T23:32:08.523Z",
        "dateReserved": "2026-03-08T07:20:23.877Z",
        "dateUpdated": "2026-03-10T20:24:19.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3749 (GCVE-0-2026-3749)

    Vulnerability from nvd – Published: 2026-03-08 16:02 – Updated: 2026-03-11 19:39 X_Open Source
    VLAI
    Title
    Bytedesk SVG File UploadRestService.java handleFileUpload unrestricted upload
    Summary
    A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function handleFileUpload of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestService.java of the component SVG File Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 1.4.5.1 is able to resolve this issue. This patch is called 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a Bytedesk Affected: 1.3.0
    Affected: 1.3.1
    Affected: 1.3.2
    Affected: 1.3.3
    Affected: 1.3.4
    Affected: 1.3.5
    Affected: 1.3.6
    Affected: 1.3.7
    Affected: 1.3.8
    Affected: 1.3.9
    Unaffected: 1.4.5.1
    Credits
    ZAST.AI (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3749",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-11T19:39:42.512760Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-11T19:39:49.199Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SVG File Handler"
              ],
              "product": "Bytedesk",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.3"
                },
                {
                  "status": "affected",
                  "version": "1.3.4"
                },
                {
                  "status": "affected",
                  "version": "1.3.5"
                },
                {
                  "status": "affected",
                  "version": "1.3.6"
                },
                {
                  "status": "affected",
                  "version": "1.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.3.8"
                },
                {
                  "status": "affected",
                  "version": "1.3.9"
                },
                {
                  "status": "unaffected",
                  "version": "1.4.5.1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ZAST.AI (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function handleFileUpload of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestService.java of the component SVG File Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 1.4.5.1 is able to resolve this issue. This patch is called 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-08T16:02:14.273Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-349727 | Bytedesk SVG File UploadRestService.java handleFileUpload unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.349727"
            },
            {
              "name": "VDB-349727 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.349727"
            },
            {
              "name": "Submit #768030 | Bytedesk \u003c=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.768030"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/19"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/19#issuecomment-3976672845"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/19#issue-3993480676"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.1"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-07T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-07T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-07T21:28:40.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Bytedesk SVG File UploadRestService.java handleFileUpload unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3749",
        "datePublished": "2026-03-08T16:02:14.273Z",
        "dateReserved": "2026-03-07T20:23:08.679Z",
        "dateUpdated": "2026-03-11T19:39:49.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3748 (GCVE-0-2026-3748)

    Vulnerability from nvd – Published: 2026-03-08 16:02 – Updated: 2026-03-11 19:34 X_Open Source
    VLAI
    Title
    Bytedesk SVG File UploadRestController.java uploadFile unrestricted upload
    Summary
    A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a manipulation results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. Upgrading to version 1.4.5.1 is able to mitigate this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is recommended.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a Bytedesk Affected: 1.3.0
    Affected: 1.3.1
    Affected: 1.3.2
    Affected: 1.3.3
    Affected: 1.3.4
    Affected: 1.3.5
    Affected: 1.3.6
    Affected: 1.3.7
    Affected: 1.3.8
    Affected: 1.3.9
    Unaffected: 1.4.5.1
    Credits
    ZAST.AI (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3748",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-11T19:34:21.360154Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-11T19:34:42.331Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SVG File Handler"
              ],
              "product": "Bytedesk",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.3"
                },
                {
                  "status": "affected",
                  "version": "1.3.4"
                },
                {
                  "status": "affected",
                  "version": "1.3.5"
                },
                {
                  "status": "affected",
                  "version": "1.3.6"
                },
                {
                  "status": "affected",
                  "version": "1.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.3.8"
                },
                {
                  "status": "affected",
                  "version": "1.3.9"
                },
                {
                  "status": "unaffected",
                  "version": "1.4.5.1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ZAST.AI (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a manipulation results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. Upgrading to version 1.4.5.1 is able to mitigate this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is recommended."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-08T16:02:12.228Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-349726 | Bytedesk SVG File UploadRestController.java uploadFile unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.349726"
            },
            {
              "name": "VDB-349726 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.349726"
            },
            {
              "name": "Submit #768028 | Bytedesk \u003c=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.768028"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/18"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/18#issuecomment-3976672973"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/18#issue-3993448721"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.1"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-07T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-07T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-07T21:28:13.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Bytedesk SVG File UploadRestController.java uploadFile unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3748",
        "datePublished": "2026-03-08T16:02:12.228Z",
        "dateReserved": "2026-03-07T20:23:04.033Z",
        "dateUpdated": "2026-03-11T19:34:42.331Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3789 (GCVE-0-2026-3789)

    Vulnerability from cvelistv5 – Published: 2026-03-08 23:32 – Updated: 2026-03-10 20:27 X_Open Source
    VLAI
    Title
    Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery
    Summary
    A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl results in server-side request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.4.5.4 is able to address this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is advised.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery
    Assigner
    Impacted products
    Vendor Product Version
    n/a Bytedesk Affected: 1.3.0
    Affected: 1.3.1
    Affected: 1.3.2
    Affected: 1.3.3
    Affected: 1.3.4
    Affected: 1.3.5
    Affected: 1.3.6
    Affected: 1.3.7
    Affected: 1.3.8
    Affected: 1.3.9
    Unaffected: 1.4.5.4
    Credits
    ZAST.AI (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3789",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-10T20:27:24.171900Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-10T20:27:30.912Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SpringAIGiteeRestController"
              ],
              "product": "Bytedesk",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.3"
                },
                {
                  "status": "affected",
                  "version": "1.3.4"
                },
                {
                  "status": "affected",
                  "version": "1.3.5"
                },
                {
                  "status": "affected",
                  "version": "1.3.6"
                },
                {
                  "status": "affected",
                  "version": "1.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.3.8"
                },
                {
                  "status": "affected",
                  "version": "1.3.9"
                },
                {
                  "status": "unaffected",
                  "version": "1.4.5.4"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ZAST.AI (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl results in server-side request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.4.5.4 is able to address this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is advised."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-08T23:32:10.815Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-349756 | Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.349756"
            },
            {
              "name": "VDB-349756 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.349756"
            },
            {
              "name": "Submit #768044 | Bytedesk \u003c=1.3.9 SSRF",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.768044"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/21"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/21#issuecomment-3976672522"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/21#issue-3993531226"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.4"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-08T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-08T08:25:59.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3789",
        "datePublished": "2026-03-08T23:32:10.815Z",
        "dateReserved": "2026-03-08T07:20:34.086Z",
        "dateUpdated": "2026-03-10T20:27:30.912Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3788 (GCVE-0-2026-3788)

    Vulnerability from cvelistv5 – Published: 2026-03-08 23:32 – Updated: 2026-03-10 20:24 X_Open Source
    VLAI
    Title
    Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery
    Summary
    A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of the argument apiUrl leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.4.5.4 will fix this issue. The name of the patch is 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery
    Assigner
    Impacted products
    Vendor Product Version
    n/a Bytedesk Affected: 1.3.0
    Affected: 1.3.1
    Affected: 1.3.2
    Affected: 1.3.3
    Affected: 1.3.4
    Affected: 1.3.5
    Affected: 1.3.6
    Affected: 1.3.7
    Affected: 1.3.8
    Affected: 1.3.9
    Unaffected: 1.4.5.4
    Credits
    ZAST.AI (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3788",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-10T20:24:11.426508Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-10T20:24:19.510Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SpringAIOpenrouterRestController"
              ],
              "product": "Bytedesk",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.3"
                },
                {
                  "status": "affected",
                  "version": "1.3.4"
                },
                {
                  "status": "affected",
                  "version": "1.3.5"
                },
                {
                  "status": "affected",
                  "version": "1.3.6"
                },
                {
                  "status": "affected",
                  "version": "1.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.3.8"
                },
                {
                  "status": "affected",
                  "version": "1.3.9"
                },
                {
                  "status": "unaffected",
                  "version": "1.4.5.4"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ZAST.AI (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of the argument apiUrl leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.4.5.4 will fix this issue. The name of the patch is 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-08T23:32:08.523Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-349755 | Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.349755"
            },
            {
              "name": "VDB-349755 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.349755"
            },
            {
              "name": "Submit #768043 | Bytedesk \u003c=1.3.9 SSRF",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.768043"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/20"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/20#issuecomment-3976672715"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/20#issue-3993526693"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.4"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-08T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-08T08:25:50.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3788",
        "datePublished": "2026-03-08T23:32:08.523Z",
        "dateReserved": "2026-03-08T07:20:23.877Z",
        "dateUpdated": "2026-03-10T20:24:19.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3749 (GCVE-0-2026-3749)

    Vulnerability from cvelistv5 – Published: 2026-03-08 16:02 – Updated: 2026-03-11 19:39 X_Open Source
    VLAI
    Title
    Bytedesk SVG File UploadRestService.java handleFileUpload unrestricted upload
    Summary
    A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function handleFileUpload of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestService.java of the component SVG File Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 1.4.5.1 is able to resolve this issue. This patch is called 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a Bytedesk Affected: 1.3.0
    Affected: 1.3.1
    Affected: 1.3.2
    Affected: 1.3.3
    Affected: 1.3.4
    Affected: 1.3.5
    Affected: 1.3.6
    Affected: 1.3.7
    Affected: 1.3.8
    Affected: 1.3.9
    Unaffected: 1.4.5.1
    Credits
    ZAST.AI (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3749",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-11T19:39:42.512760Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-11T19:39:49.199Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SVG File Handler"
              ],
              "product": "Bytedesk",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.3"
                },
                {
                  "status": "affected",
                  "version": "1.3.4"
                },
                {
                  "status": "affected",
                  "version": "1.3.5"
                },
                {
                  "status": "affected",
                  "version": "1.3.6"
                },
                {
                  "status": "affected",
                  "version": "1.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.3.8"
                },
                {
                  "status": "affected",
                  "version": "1.3.9"
                },
                {
                  "status": "unaffected",
                  "version": "1.4.5.1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ZAST.AI (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function handleFileUpload of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestService.java of the component SVG File Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 1.4.5.1 is able to resolve this issue. This patch is called 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-08T16:02:14.273Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-349727 | Bytedesk SVG File UploadRestService.java handleFileUpload unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.349727"
            },
            {
              "name": "VDB-349727 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.349727"
            },
            {
              "name": "Submit #768030 | Bytedesk \u003c=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.768030"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/19"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/19#issuecomment-3976672845"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/19#issue-3993480676"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.1"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-07T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-07T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-07T21:28:40.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Bytedesk SVG File UploadRestService.java handleFileUpload unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3749",
        "datePublished": "2026-03-08T16:02:14.273Z",
        "dateReserved": "2026-03-07T20:23:08.679Z",
        "dateUpdated": "2026-03-11T19:39:49.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3748 (GCVE-0-2026-3748)

    Vulnerability from cvelistv5 – Published: 2026-03-08 16:02 – Updated: 2026-03-11 19:34 X_Open Source
    VLAI
    Title
    Bytedesk SVG File UploadRestController.java uploadFile unrestricted upload
    Summary
    A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a manipulation results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. Upgrading to version 1.4.5.1 is able to mitigate this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is recommended.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a Bytedesk Affected: 1.3.0
    Affected: 1.3.1
    Affected: 1.3.2
    Affected: 1.3.3
    Affected: 1.3.4
    Affected: 1.3.5
    Affected: 1.3.6
    Affected: 1.3.7
    Affected: 1.3.8
    Affected: 1.3.9
    Unaffected: 1.4.5.1
    Credits
    ZAST.AI (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3748",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-11T19:34:21.360154Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-11T19:34:42.331Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SVG File Handler"
              ],
              "product": "Bytedesk",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.3"
                },
                {
                  "status": "affected",
                  "version": "1.3.4"
                },
                {
                  "status": "affected",
                  "version": "1.3.5"
                },
                {
                  "status": "affected",
                  "version": "1.3.6"
                },
                {
                  "status": "affected",
                  "version": "1.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.3.8"
                },
                {
                  "status": "affected",
                  "version": "1.3.9"
                },
                {
                  "status": "unaffected",
                  "version": "1.4.5.1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ZAST.AI (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a manipulation results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. Upgrading to version 1.4.5.1 is able to mitigate this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is recommended."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-08T16:02:12.228Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-349726 | Bytedesk SVG File UploadRestController.java uploadFile unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.349726"
            },
            {
              "name": "VDB-349726 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.349726"
            },
            {
              "name": "Submit #768028 | Bytedesk \u003c=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.768028"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/18"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/18#issuecomment-3976672973"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/issues/18#issue-3993448721"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.1"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/Bytedesk/bytedesk/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-07T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-07T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-07T21:28:13.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Bytedesk SVG File UploadRestController.java uploadFile unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3748",
        "datePublished": "2026-03-08T16:02:12.228Z",
        "dateReserved": "2026-03-07T20:23:04.033Z",
        "dateUpdated": "2026-03-11T19:34:42.331Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }