Information Disclosure Vulnerability in HKUDS AI-Trader Product
CVE-2026-12203

6.9MEDIUM

Key Information:

Vendor: Hkuds
Status: Ai-trader
Vendor: CVE Published:; 15 June 2026

What is CVE-2026-12203?

A vulnerability has been identified in the HKUDS AI-Trader that affects its Research Export component. A flaw within the file /api/research/agents.csv allows for the potential exposure of sensitive information due to improper access controls. This vulnerability can be exploited remotely, allowing attackers to gain unauthorized access to critical data. A patch has been made available which mandates authentication for agent access to research export endpoints. Applying this patch is crucial to mitigate risks associated with this vulnerability.

Affected Version(s)

AI-Trader 74caf996f78dcc0c657df8365c8544678a16e215

References

https://vuldb.com/vuln/370846

vdb-entry

https://vuldb.com/vuln/370846/cti

signaturepermissions-required

https://vuldb.com/cve/CVE-2026-12203

third-party-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2026
Vulnerability Reserved
Jun 14, 2026

Credit

davidgilmore (VulDB User)

VulDB CNA Team

CVE-2026-12203 Data

JSON

Hkuds

What is CVE-2026-12203?

Affected Version(s)

References

CVSS V4

Timeline

Credit