CVE-2026-43993
Published
CVSS v3
8.2
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch() on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in 0.x.y-security-1.
Sovereign AI agent economy on Cosmos — 10 CosmWasm contracts, ZK proofs, WAVS TEE attestation, DAO governance. First external integration in the official Juno skill spec.
GitHub