Search criteria
4 vulnerabilities by bytedesk
CVE-2026-3789 (GCVE-0-2026-3789)
Vulnerability from cvelistv5 – Published: 2026-03-08 23:32 – Updated: 2026-03-10 20:27 X_Open Source
VLAI
Title
Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery
Summary
A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl results in server-side request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.4.5.4 is able to address this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is advised.
Severity
CWE
- CWE-918 - Server-Side Request Forgery
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.349756 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.349756 | signaturepermissions-required |
| https://vuldb.com/?submit.768044 | third-party-advisory |
| https://github.com/Bytedesk/bytedesk/issues/21 | issue-tracking |
| https://github.com/Bytedesk/bytedesk/issues/21#is… | issue-tracking |
| https://github.com/Bytedesk/bytedesk/issues/21#is… | exploitissue-tracking |
| https://github.com/Bytedesk/bytedesk/commit/975e3… | patch |
| https://github.com/Bytedesk/bytedesk/releases/tag… | patch |
| https://github.com/Bytedesk/bytedesk/ | product |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3789",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T20:27:24.171900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T20:27:30.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SpringAIGiteeRestController"
],
"product": "Bytedesk",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.3.0"
},
{
"status": "affected",
"version": "1.3.1"
},
{
"status": "affected",
"version": "1.3.2"
},
{
"status": "affected",
"version": "1.3.3"
},
{
"status": "affected",
"version": "1.3.4"
},
{
"status": "affected",
"version": "1.3.5"
},
{
"status": "affected",
"version": "1.3.6"
},
{
"status": "affected",
"version": "1.3.7"
},
{
"status": "affected",
"version": "1.3.8"
},
{
"status": "affected",
"version": "1.3.9"
},
{
"status": "unaffected",
"version": "1.4.5.4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ZAST.AI (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl results in server-side request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.4.5.4 is able to address this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is advised."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-08T23:32:10.815Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-349756 | Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.349756"
},
{
"name": "VDB-349756 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.349756"
},
{
"name": "Submit #768044 | Bytedesk \u003c=1.3.9 SSRF",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.768044"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/21"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/21#issuecomment-3976672522"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/21#issue-3993531226"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.4"
},
{
"tags": [
"product"
],
"url": "https://github.com/Bytedesk/bytedesk/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-08T08:25:59.000Z",
"value": "VulDB entry last update"
}
],
"title": "Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-3789",
"datePublished": "2026-03-08T23:32:10.815Z",
"dateReserved": "2026-03-08T07:20:34.086Z",
"dateUpdated": "2026-03-10T20:27:30.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3788 (GCVE-0-2026-3788)
Vulnerability from cvelistv5 – Published: 2026-03-08 23:32 – Updated: 2026-03-10 20:24 X_Open Source
VLAI
Title
Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery
Summary
A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of the argument apiUrl leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.4.5.4 will fix this issue. The name of the patch is 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component.
Severity
CWE
- CWE-918 - Server-Side Request Forgery
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.349755 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.349755 | signaturepermissions-required |
| https://vuldb.com/?submit.768043 | third-party-advisory |
| https://github.com/Bytedesk/bytedesk/issues/20 | issue-tracking |
| https://github.com/Bytedesk/bytedesk/issues/20#is… | issue-tracking |
| https://github.com/Bytedesk/bytedesk/issues/20#is… | exploitissue-tracking |
| https://github.com/Bytedesk/bytedesk/commit/975e3… | patch |
| https://github.com/Bytedesk/bytedesk/releases/tag… | patch |
| https://github.com/Bytedesk/bytedesk/ | product |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3788",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T20:24:11.426508Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T20:24:19.510Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SpringAIOpenrouterRestController"
],
"product": "Bytedesk",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.3.0"
},
{
"status": "affected",
"version": "1.3.1"
},
{
"status": "affected",
"version": "1.3.2"
},
{
"status": "affected",
"version": "1.3.3"
},
{
"status": "affected",
"version": "1.3.4"
},
{
"status": "affected",
"version": "1.3.5"
},
{
"status": "affected",
"version": "1.3.6"
},
{
"status": "affected",
"version": "1.3.7"
},
{
"status": "affected",
"version": "1.3.8"
},
{
"status": "affected",
"version": "1.3.9"
},
{
"status": "unaffected",
"version": "1.4.5.4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ZAST.AI (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of the argument apiUrl leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.4.5.4 will fix this issue. The name of the patch is 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-08T23:32:08.523Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-349755 | Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.349755"
},
{
"name": "VDB-349755 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.349755"
},
{
"name": "Submit #768043 | Bytedesk \u003c=1.3.9 SSRF",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.768043"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/20"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/20#issuecomment-3976672715"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/20#issue-3993526693"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.4"
},
{
"tags": [
"product"
],
"url": "https://github.com/Bytedesk/bytedesk/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-08T08:25:50.000Z",
"value": "VulDB entry last update"
}
],
"title": "Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-3788",
"datePublished": "2026-03-08T23:32:08.523Z",
"dateReserved": "2026-03-08T07:20:23.877Z",
"dateUpdated": "2026-03-10T20:24:19.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3749 (GCVE-0-2026-3749)
Vulnerability from cvelistv5 – Published: 2026-03-08 16:02 – Updated: 2026-03-11 19:39 X_Open Source
VLAI
Title
Bytedesk SVG File UploadRestService.java handleFileUpload unrestricted upload
Summary
A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function handleFileUpload of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestService.java of the component SVG File Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 1.4.5.1 is able to resolve this issue. This patch is called 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component.
Severity
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.349727 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.349727 | signaturepermissions-required |
| https://vuldb.com/?submit.768030 | third-party-advisory |
| https://github.com/Bytedesk/bytedesk/issues/19 | issue-tracking |
| https://github.com/Bytedesk/bytedesk/issues/19#is… | issue-tracking |
| https://github.com/Bytedesk/bytedesk/issues/19#is… | exploitissue-tracking |
| https://github.com/Bytedesk/bytedesk/commit/975e3… | patch |
| https://github.com/Bytedesk/bytedesk/releases/tag… | patch |
| https://github.com/Bytedesk/bytedesk/ | product |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3749",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T19:39:42.512760Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T19:39:49.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SVG File Handler"
],
"product": "Bytedesk",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.3.0"
},
{
"status": "affected",
"version": "1.3.1"
},
{
"status": "affected",
"version": "1.3.2"
},
{
"status": "affected",
"version": "1.3.3"
},
{
"status": "affected",
"version": "1.3.4"
},
{
"status": "affected",
"version": "1.3.5"
},
{
"status": "affected",
"version": "1.3.6"
},
{
"status": "affected",
"version": "1.3.7"
},
{
"status": "affected",
"version": "1.3.8"
},
{
"status": "affected",
"version": "1.3.9"
},
{
"status": "unaffected",
"version": "1.4.5.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ZAST.AI (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function handleFileUpload of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestService.java of the component SVG File Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 1.4.5.1 is able to resolve this issue. This patch is called 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-08T16:02:14.273Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-349727 | Bytedesk SVG File UploadRestService.java handleFileUpload unrestricted upload",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.349727"
},
{
"name": "VDB-349727 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.349727"
},
{
"name": "Submit #768030 | Bytedesk \u003c=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.768030"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/19"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/19#issuecomment-3976672845"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/19#issue-3993480676"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.1"
},
{
"tags": [
"product"
],
"url": "https://github.com/Bytedesk/bytedesk/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-07T21:28:40.000Z",
"value": "VulDB entry last update"
}
],
"title": "Bytedesk SVG File UploadRestService.java handleFileUpload unrestricted upload"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-3749",
"datePublished": "2026-03-08T16:02:14.273Z",
"dateReserved": "2026-03-07T20:23:08.679Z",
"dateUpdated": "2026-03-11T19:39:49.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3748 (GCVE-0-2026-3748)
Vulnerability from cvelistv5 – Published: 2026-03-08 16:02 – Updated: 2026-03-11 19:34 X_Open Source
VLAI
Title
Bytedesk SVG File UploadRestController.java uploadFile unrestricted upload
Summary
A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a manipulation results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. Upgrading to version 1.4.5.1 is able to mitigate this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is recommended.
Severity
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.349726 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.349726 | signaturepermissions-required |
| https://vuldb.com/?submit.768028 | third-party-advisory |
| https://github.com/Bytedesk/bytedesk/issues/18 | issue-tracking |
| https://github.com/Bytedesk/bytedesk/issues/18#is… | issue-tracking |
| https://github.com/Bytedesk/bytedesk/issues/18#is… | exploitissue-tracking |
| https://github.com/Bytedesk/bytedesk/commit/975e3… | patch |
| https://github.com/Bytedesk/bytedesk/releases/tag… | patch |
| https://github.com/Bytedesk/bytedesk/ | product |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3748",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T19:34:21.360154Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T19:34:42.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SVG File Handler"
],
"product": "Bytedesk",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.3.0"
},
{
"status": "affected",
"version": "1.3.1"
},
{
"status": "affected",
"version": "1.3.2"
},
{
"status": "affected",
"version": "1.3.3"
},
{
"status": "affected",
"version": "1.3.4"
},
{
"status": "affected",
"version": "1.3.5"
},
{
"status": "affected",
"version": "1.3.6"
},
{
"status": "affected",
"version": "1.3.7"
},
{
"status": "affected",
"version": "1.3.8"
},
{
"status": "affected",
"version": "1.3.9"
},
{
"status": "unaffected",
"version": "1.4.5.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ZAST.AI (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a manipulation results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. Upgrading to version 1.4.5.1 is able to mitigate this issue. The patch is named 975e39e4dd527596987559f56c5f9f973f64eff7. Upgrading the affected component is recommended."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-08T16:02:12.228Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-349726 | Bytedesk SVG File UploadRestController.java uploadFile unrestricted upload",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.349726"
},
{
"name": "VDB-349726 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.349726"
},
{
"name": "Submit #768028 | Bytedesk \u003c=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.768028"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/18"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/18#issuecomment-3976672973"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/Bytedesk/bytedesk/issues/18#issue-3993448721"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Bytedesk/bytedesk/commit/975e39e4dd527596987559f56c5f9f973f64eff7"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Bytedesk/bytedesk/releases/tag/v1.4.5.1"
},
{
"tags": [
"product"
],
"url": "https://github.com/Bytedesk/bytedesk/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-07T21:28:13.000Z",
"value": "VulDB entry last update"
}
],
"title": "Bytedesk SVG File UploadRestController.java uploadFile unrestricted upload"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-3748",
"datePublished": "2026-03-08T16:02:12.228Z",
"dateReserved": "2026-03-07T20:23:04.033Z",
"dateUpdated": "2026-03-11T19:34:42.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}