Look up vulnerable packages by Package URL (purl).

purl pkg:npm/agents@0.0.0-fac1fe8
type npm
namespace
name agents
version 0.0.0-fac1fe8
qualifiers
subpath
is_vulnerable true
next_non_vulnerable_version 0.3.10
latest_non_vulnerable_version 0.3.10
affected_by_vulnerabilities
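The fields above (type, namespace, name, version, qualifiers, subpath) are the components of a Package URL. The parser below is an added example, not VulnerableCode's own code; it follows the purl grammar `pkg:type/namespace/name@version?qualifiers#subpath`, splitting from the right so that `@`, `?` and `#` inside percent-encoded segments are handled, and decodes the `%40` that an npm scope must be written as. The sample purls in the usage note are constructed.

```typescript
// Added example, not VulnerableCode's code. Parses a Package URL into the
// same components the lookup record above reports.
export interface PackageURL {
  type: string;
  namespace: string | null;
  name: string;
  version: string | null;
  qualifiers: Record<string, string>;
  subpath: string | null;
}

export function parsePurl(purl: string): PackageURL {
  if (!purl.startsWith("pkg:")) throw new Error("purl must start with 'pkg:'");
  // The spec tolerates "pkg://type/..." as well as "pkg:type/...".
  let rest = purl.slice(4).replace(/^\/+/, "");

  // Strip the subpath first: it is the only part that may legally hold '?'.
  let subpath: string | null = null;
  const hash = rest.indexOf("#");
  if (hash !== -1) {
    const segments = rest
      .slice(hash + 1)
      .split("/")
      .filter((s) => s !== "" && s !== "." && s !== "..")
      .map(decodeURIComponent);
    subpath = segments.length ? segments.join("/") : null;
    rest = rest.slice(0, hash);
  }

  // Qualifiers are key=value pairs joined by '&'; keys are case-insensitive
  // and empty values are dropped.
  const qualifiers: Record<string, string> = {};
  const q = rest.indexOf("?");
  if (q !== -1) {
    for (const pair of rest.slice(q + 1).split("&")) {
      const eq = pair.indexOf("=");
      if (eq === -1) continue;
      const key = pair.slice(0, eq).toLowerCase();
      const value = decodeURIComponent(pair.slice(eq + 1));
      if (key && value) qualifiers[key] = value;
    }
    rest = rest.slice(0, q);
  }

  const slash = rest.indexOf("/");
  if (slash === -1) throw new Error("purl needs a type and a name");
  const type = rest.slice(0, slash).toLowerCase();
  rest = rest.slice(slash + 1);

  // Version is everything after the LAST '@'. A literal '@' earlier in the
  // string is invalid per spec (namespaces such as npm scopes use '%40').
  let version: string | null = null;
  const at = rest.lastIndexOf("@");
  if (at !== -1) {
    version = decodeURIComponent(rest.slice(at + 1)) || null;
    rest = rest.slice(0, at);
  }

  // Remaining '/'-separated segments: last one is the name, the rest form
  // the namespace. Each segment is percent-decoded individually.
  const segments = rest.split("/").filter((s) => s !== "").map(decodeURIComponent);
  if (segments.length === 0) throw new Error("purl needs a name");
  const name = segments.pop() as string;
  const namespace = segments.length ? segments.join("/") : null;

  return { type, namespace, name, version, qualifiers, subpath };
}
```

`parsePurl("pkg:npm/agents@0.0.0-fac1fe8")` yields the record shown on this page (type `npm`, no namespace, name `agents`, version `0.0.0-fac1fe8`); a constructed scoped purl such as `pkg:npm/%40scope/pkg@1.2.3?repo=https%3A%2F%2Fnpm.example#lib/index.js` decodes to namespace `@scope`, name `pkg`, qualifier `repo=https://npm.example` and subpath `lib/index.js`. Normalise purls this way before comparing them against advisory data, since `pkg:npm/%40scope/pkg` and `pkg:npm/@scope/pkg` must resolve to the same package.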
0
url VCID-43pr-du6k-d3hr
vulnerability_id VCID-43pr-du6k-d3hr
summary
Cloudflare Agents has a Reflected Cross-Site Scripting (XSS) vulnerability in AI Playground site
A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the AI Playground's OAuth callback handler. The error_description query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the context of the victim's session.
references
0
reference_url https://github.com/cloudflare/agents
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/agents
1
reference_url https://github.com/cloudflare/agents/commit/3f490d045844e4884db741afbb66ca1fe65d4093
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/agents/commit/3f490d045844e4884db741afbb66ca1fe65d4093
2
reference_url https://github.com/cloudflare/agents/pull/841
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/agents/pull/841
3
reference_url https://github.com/advisories/GHSA-w5cr-2qhr-jqc5
reference_id GHSA-w5cr-2qhr-jqc5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w5cr-2qhr-jqc5
4
reference_url https://github.com/cloudflare/agents/security/advisories/GHSA-w5cr-2qhr-jqc5
reference_id GHSA-w5cr-2qhr-jqc5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/agents/security/advisories/GHSA-w5cr-2qhr-jqc5
fixed_packages
0
url pkg:npm/agents@0.3.10
purl pkg:npm/agents@0.3.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/agents@0.3.10
aliases GHSA-w5cr-2qhr-jqc5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-43pr-du6k-d3hr
1
url VCID-83qu-da4r-pyhm
vulnerability_id VCID-83qu-da4r-pyhm
summary
Cloudflare Agents is Vulnerable to Reflected Cross-Site Scripting in the AI Playground's OAuth callback handler
Summary

A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the AI Playground's OAuth callback handler. The `error_description` query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the context of the victim's session.

Root cause

The OAuth callback handler in `site/ai-playground/src/server.ts` directly interpolated the `authError` value, sourced from the `error_description` query parameter, into an inline `<script>` tag.

Impact

An attacker could craft a malicious link that, when clicked by a victim, would:

*  Steal user chat message history: access all LLM interactions stored in the user's session.
*  Access connected MCP servers: interact with any MCP servers connected to the victim's session (public or authenticated/private), potentially allowing the attacker to perform actions on the victim's behalf.

Mitigation

*  PR: https://github.com/cloudflare/agents/pull/841
*  Agents SDK users should upgrade to agents@0.3.10.
*  Developers using configureOAuthCallback with custom error handling in their own applications should ensure all user-controlled input is escaped before interpolation.
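Both XSS entries on this page (VCID-43pr-du6k-d3hr and VCID-83qu-da4r-pyhm) describe the same pattern: a query value interpolated into an inline `<script>`. The example below is added here and is not the cloudflare/agents code; it reconstructs the vulnerable rendering beside a hardened one. The route path, the page markup, the `toInlineScriptLiteral` helper and the attacker link are constructed for the demonstration.

```typescript
// Added example (not the cloudflare/agents code): the interpolation pattern
// the advisory describes, beside a hardened rendering of the same page.
// Route, markup and attacker link are constructed for this demo.

/** Serialise a string for safe embedding as a literal inside an inline <script>. */
export function toInlineScriptLiteral(value: string): string {
  return JSON.stringify(value)
    .replace(/</g, "\\u003c")      // "</script>" can no longer close the block
    .replace(/>/g, "\\u003e")
    .replace(/&/g, "\\u0026")
    .replace(/\u2028/g, "\\u2028") // legal in JSON, line terminators in older JS
    .replace(/\u2029/g, "\\u2029");
}

function errorDescription(callbackUrl: string): string {
  return new URL(callbackUrl).searchParams.get("error_description") ?? "";
}

/** Vulnerable: the query value is dropped straight into a JS string literal. */
export function renderCallbackVulnerable(callbackUrl: string): string {
  const authError = errorDescription(callbackUrl);
  return `<!doctype html><html><body><p id="err"></p>
<script>
  const authError = "${authError}";
  document.getElementById("err").textContent = authError;
</script>
</body></html>`;
}

/** Hardened: the value reaches the page only as an escaped JSON literal. */
export function renderCallbackHardened(callbackUrl: string): string {
  const authError = errorDescription(callbackUrl);
  return `<!doctype html><html><body><p id="err"></p>
<script>
  const authError = ${toInlineScriptLiteral(authError)};
  document.getElementById("err").textContent = authError;
</script>
</body></html>`;
}

/** Constructed attacker link: the payload closes the script and opens its own. */
export const ATTACK_URL =
  "https://playground.example/oauth/callback?error=access_denied&error_description=" +
  encodeURIComponent("</script><script>alert(document.domain)</script>");

/** Number of <script> elements the HTML parser will create for this page. */
export function countScriptTags(html: string): number {
  return (html.match(/<script\b/gi) ?? []).length;
}
```

Rendering `ATTACK_URL` through the vulnerable function produces two `<script>` elements, the attacker's one included; the hardened function produces one, with the payload held inert as `\u003c/script\u003e...`. Note that a payload such as `"; alert(1); //` never leaves the original script block, so a nonce-based CSP does not cover this bug class; the escaping at the interpolation point is the fix, and the same applies to anyone wiring custom error handling into configureOAuthCallback.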
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1721
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06589
published_at 2026-06-09T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06587
published_at 2026-06-08T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06629
published_at 2026-06-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.0664
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1721
1
reference_url https://github.com/cloudflare/agents
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/agents
2
reference_url https://github.com/cloudflare/agents/commit/3f490d045844e4884db741afbb66ca1fe65d4093
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/agents/commit/3f490d045844e4884db741afbb66ca1fe65d4093
3
reference_url https://github.com/cloudflare/agents/pull/841
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T13:10:24Z/
url https://github.com/cloudflare/agents/pull/841
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1721
reference_id CVE-2026-1721
reference_type
scores
0
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1721
5
reference_url https://github.com/advisories/GHSA-cvhv-6xm6-c3v4
reference_id GHSA-cvhv-6xm6-c3v4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cvhv-6xm6-c3v4
fixed_packages
0
url pkg:npm/agents@0.3.10
purl pkg:npm/agents@0.3.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/agents@0.3.10
aliases CVE-2026-1721, GHSA-cvhv-6xm6-c3v4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-83qu-da4r-pyhm
2
url VCID-gm15-y4sr-xygx
vulnerability_id VCID-gm15-y4sr-xygx
summary
Cloudflare Agents SDK has Insecure Direct Object Reference (IDOR) via Header-Based Email Routing
An Insecure Direct Object Reference (CWE-639) exists in the createHeaderBasedEmailResolver() function of the Cloudflare Agents SDK. The Message-ID and References headers are parsed to derive the target agentName and agentId without validation or origin checks, so an external attacker who controls those headers can route inbound mail to arbitrary Durable Object instances and namespaces.
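To make the flaw concrete, here is an added example that is not the SDK's code: a resolver that trusts the headers, beside one that authorises the reference before routing. The `<agentName+agentId@domain>` Message-ID layout, the header set, the `ResolverConfig` shape and the sample messages are all assumptions made for this demonstration; the SDK's real format and fix are not reproduced here.

```typescript
// Added example (not the cloudflare/agents code). Message-ID layout, header
// set, config shape and sample messages are assumptions for this demo.

export interface InboundEmail {
  from: string;
  headers: Record<string, string>; // header names lower-cased
}
export interface AgentRoute {
  agentName: string; // Durable Object namespace
  agentId: string;   // Durable Object instance
}

// Assumed outbound Message-ID layout: <agentName+agentId@domain>
const AGENT_REF = /^<([A-Za-z0-9_-]+)\+([A-Za-z0-9_-]+)@([A-Za-z0-9.-]+)>$/;

/** Split a Message-ID / References / In-Reply-To value into <...> tokens. */
export function msgIdTokens(value: string | undefined): string[] {
  return value ? (value.match(/<[^<>]+>/g) ?? []) : [];
}

export function parseAgentRef(token: string) {
  const m = AGENT_REF.exec(token.trim());
  return m ? { agentName: m[1], agentId: m[2], domain: m[3].toLowerCase() } : null;
}

/** Vulnerable: whoever wrote the headers picks the namespace and instance. */
export function resolveVulnerable(email: InboundEmail): AgentRoute | null {
  for (const name of ["message-id", "references"]) {
    for (const token of msgIdTokens(email.headers[name])) {
      const ref = parseAgentRef(token);
      if (ref) return { agentName: ref.agentName, agentId: ref.agentId };
    }
  }
  return null;
}

export interface ResolverConfig {
  ourDomain: string;
  boundAgents: ReadonlySet<string>;        // namespaces this Worker actually binds
  issued: ReadonlyMap<string, AgentRoute>; // Message-IDs we generated on outbound mail
}

/** Hardened: a reference routes only if this deployment issued it. */
export function createCheckedResolver(cfg: ResolverConfig) {
  return (email: InboundEmail): AgentRoute | null => {
    // Message-ID is ignored: the sender minted it. Only thread references
    // (In-Reply-To, References) can legitimately point back at mail we sent.
    for (const name of ["in-reply-to", "references"]) {
      for (const token of msgIdTokens(email.headers[name])) {
        const ref = parseAgentRef(token);
        if (!ref || ref.domain !== cfg.ourDomain) continue;
        if (!cfg.boundAgents.has(ref.agentName)) continue;
        const route = cfg.issued.get(token); // origin check: did we send this?
        if (route && route.agentName === ref.agentName && route.agentId === ref.agentId) {
          return route;
        }
      }
    }
    return null;
  };
}

// Constructed state and messages for the demo.
export const BOUND_AGENTS: ReadonlySet<string> = new Set(["support-agent", "billing-agent"]);
export const ISSUED_IDS: ReadonlyMap<string, AgentRoute> = new Map([
  ["<support-agent+ticket-42@agents.example>", { agentName: "support-agent", agentId: "ticket-42" }],
]);
export const LEGIT_REPLY: InboundEmail = {
  from: "customer@mail.example",
  headers: {
    "message-id": "<abc@mail.example>",
    "references": "<support-agent+ticket-42@agents.example>",
  },
};
export const SPOOFED: InboundEmail = {
  from: "anyone@attacker.example",
  headers: {
    "message-id": "<billing-agent+acct-7@agents.example>", // bound namespace, forged instance
    "references": "<admin-agent+deadbeef@agents.example>", // namespace never bound
  },
};
```

`resolveVulnerable(SPOOFED)` delivers the attacker's mail to `billing-agent`/`acct-7` because the forged Message-ID parses cleanly and uses our own domain; the checked resolver returns null for it and still routes `LEGIT_REPLY` to the ticket that originated the thread. The domain and allowlist checks are defence in depth; it is the lookup against IDs we issued that closes the IDOR. In a stateless Worker the `issued` map can be replaced by an HMAC over agentName and agentId embedded in the outbound Message-ID and verified on the way in, which gives the same origin guarantee without storage.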
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1664
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06746
published_at 2026-06-07T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06704
published_at 2026-06-09T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06703
published_at 2026-06-08T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06757
published_at 2026-06-06T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06753
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1664
1
reference_url https://github.com/cloudflare/agents
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T14:38:24Z/
url https://github.com/cloudflare/agents
2
reference_url https://github.com/cloudflare/agents/blob/main/docs/email.md
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/agents/blob/main/docs/email.md
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1664
reference_id CVE-2026-1664
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1664
4
reference_url https://github.com/advisories/GHSA-r7x9-8ph7-w8cg
reference_id GHSA-r7x9-8ph7-w8cg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r7x9-8ph7-w8cg
5
reference_url https://github.com/cloudflare/agents/security/advisories/GHSA-r7x9-8ph7-w8cg
reference_id GHSA-r7x9-8ph7-w8cg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/agents/security/advisories/GHSA-r7x9-8ph7-w8cg
fixed_packages
0
url pkg:npm/agents@0.3.7
purl pkg:npm/agents@0.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-43pr-du6k-d3hr
1
vulnerability VCID-83qu-da4r-pyhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/agents@0.3.7
aliases CVE-2026-1664, GHSA-r7x9-8ph7-w8cg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gm15-y4sr-xygx
fixing_vulnerabilities
risk_score 3.1
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/agents@0.0.0-fac1fe8