CVE-2026-44565

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

EUVD-2026-30640

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

CVE-2026-44565 Open WebUI: Open WebUI Arbitrary File Write, Delete via Path Traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

CVE-2026-44565 Open WebUI: Open WebUI Arbitrary File Write, Delete via Path Traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

CVE-2026-44565

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

Open WebUI 路径遍历漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.6.10 had a path traversal vulnerability. This vulnerability arises when uploading audio files, where the file name originates from the original HTTP upload request a...

WordPress Table Block by Tableberg plugin <= 0.6.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Table Block by Tableberg versions = 0.6.9...

EUVD-2021-1803

Malware in sbrugna...

One API 代码注入漏洞

One API is an LLM API management and distribution system for JustSong individual developers. A code injection vulnerability exists in One API version 0.6.10 and earlier, which stems from a cross-site scripting attack caused by the operation of the Homepage Content parameter in the System Settings...

OpenLLM 安全漏洞

OpenLLM is an open source LLM from BentoML Open Source. A security vulnerability exists in OpenLLM version 0.6.10 that stems from a failure to validate user input and could lead to a local file inclusion attack...

@goboomtown/entities (>=0.0.14-beta <=0.0.18-beta), @goboomtown/entities-nest (>=0.0.28-beta <=1.2.7) +8 more potentially affected by CVE-2022-4942 via eslint-detailed-reporter (>=0.6.10 <=0.9.0)

eslint-detailed-reporter NPM version =0.6.10, =0.0.14-beta, =0.0.28-beta, =0.0.9-beta, =0.0.44-beta, =0.0.2, =0.0.1, =1.0.4, =0.4.0, =1.0.0, =1.0.0, =1.0.7 Source cves: CVE-2022-4942 Source advisory: OSV:GHSA-4XR4-89M5-46C7...

SUSE CVE-2019-15551

An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is a double free for certain grow attempts with the current capacity...

SUSE CVE-2019-15554

An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than the current capacity...

GHSA-GR58-J5WH-M333 Prototype Pollution in nis-utils

All versions of package nis-utils up to and including 0.6.10 are vulnerable to Prototype Pollution via the setValue function...

nis-model (>=0.6.0 <=0.6.22), nis-view (>=0.1.1 <=0.1.8) potentially affected by CVE-2020-7703 via nis-utils (=0.6.10)

nis-utils NPM version =0.6.10 is affected by a known vulnerability. The following packages have a transitive dependency on nis-utils and may be impacted: - nis-model =0.6.0, =0.1.1, =0.1.8 Source cves: CVE-2020-7703 Source advisory: SNYK:JS-NISUTILS-598799...

PT-2020-19726 · Nis-Utils · Nis-Utils

Name of the Vulnerable Software and Affected Versions: nis-utils versions up to and including 0.6.10 Description: The issue concerns Prototype Pollution via the setValue function. This affects all versions of the package up to and including 0.6.10. Recommendations: For versions up to and includin...

DEBIAN-CVE-2019-15554

An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than the current capacity...

phpmynewsletter-rfi.txt

Product : phpMyNewsletter Tested version : 0.6.10 Website : http://gregory.kokanosky.free.fr/phpmynewsletter/ Problem : include file PHP code : °°°°°°°°°° ---- /include/customize.php ---- ---- /include/customize.php ---- Exploit : °°°°°°°°°...

phpMyNewsletter 0.6.10 (customize.php l) RFI Vulnerability

Exploit for unknown platform in category web applications ========================================================== phpMyNewsletter 0.6.10 customize.php l RFI Vulnerability ========================================================== Product : phpMyNewsletter Tested version : 0.6.10 Website :...

CVE-2006-2288

Avahi before 0.6.10 allows local users to cause a denial of service mDNS/DNS-SD service disconnect via unspecified mDNS name conflicts...