Server-Side Request Forgery in Nanobot Microsoft Teams Channel Handler
CVE-2026-49139

7 HIGH

Key Information:

Vendor: Hkuds
Status: Vendor
CVE Published: 1 June 2026

What is CVE-2026-49139?

Nanobot versions prior to 0.2.1 are vulnerable to a server-side request forgery (SSRF) flaw in the Microsoft Teams channel handler. This vulnerability enables remote attackers to exfiltrate sensitive Bot Framework bearer tokens by sending a forged activity containing a maliciously crafted serviceUrl. By manipulating the inbound activity to the Teams webhook, attackers can poison the stored conversation reference, leading to unauthorized token transmission to an external host via subsequent bot replies.
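As an added illustration, not code from the Nanobot project or from the advisory, the Python below shows the check a Teams webhook handler can apply before it stores an inbound activity's serviceUrl in a conversation reference: the host must be on an allowlist of Bot Framework service hosts, and, where the caller has already verified the inbound JWT, the token's serviceurl claim must match the activity. The allowlist entries, function names and sample activities are assumptions made for the example.

```python
from typing import Optional
from urllib.parse import urlsplit

# Assumed allowlist of Bot Framework service hosts; adjust to the cloud in use.
# Matching is exact or on a dot-delimited suffix, so "evilbotframework.com" and
# "smba.trafficmanager.net.attacker.invalid" are both rejected.
TRUSTED_SERVICE_HOSTS = ("smba.trafficmanager.net", "botframework.com")


def is_trusted_service_url(service_url: str) -> bool:
    """True only for an https URL whose host is an allowlisted service host."""
    try:
        parts = urlsplit(service_url)
    except ValueError:
        return False
    host = (parts.hostname or "").lower()
    if parts.scheme != "https" or not host:
        return False
    return any(host == base or host.endswith("." + base)
               for base in TRUSTED_SERVICE_HOSTS)


def validated_service_url(activity: dict, token_service_url: Optional[str]) -> str:
    """Return the serviceUrl that is safe to store, or raise ValueError.

    token_service_url is the serviceurl claim of the already-verified bearer
    token (assumed to be extracted by the caller); None skips that comparison.
    """
    service_url = activity.get("serviceUrl", "")
    if not is_trusted_service_url(service_url):
        raise ValueError(f"untrusted serviceUrl rejected: {service_url!r}")
    if token_service_url is not None and \
            token_service_url.rstrip("/") != service_url.rstrip("/"):
        raise ValueError("serviceUrl does not match the authenticated token claim")
    return service_url


def build_conversation_reference(activity: dict,
                                 token_service_url: Optional[str] = None) -> dict:
    """Build the reference later used for replies, only from a validated URL."""
    return {"conversation": activity["conversation"],
            "serviceUrl": validated_service_url(activity, token_service_url)}


# Constructed sample activities: one legitimate, one with a forged serviceUrl.
LEGIT_ACTIVITY = {"type": "message", "conversation": {"id": "a:1"},
                  "serviceUrl": "https://smba.trafficmanager.net/amer/"}
FORGED_ACTIVITY = {"type": "message", "conversation": {"id": "a:1"},
                   "serviceUrl": "https://collector.attacker.invalid/api/"}
```

A reply sent through the reference built from FORGED_ACTIVITY would carry the bearer token to the forged host; rejecting it at ingestion, before it is persisted, is what keeps later replies from doing so.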

Affected Version(s)

nanobot 0

CVSS V4

Score: 7
Severity: HIGH
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Chia Min Jun Lennon