
22 matches found

RedhatCVE
added 2026/05/19 1:58 a.m. · 6 views

CVE-2026-45672

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the /api/v1/utils/code/execute endpoint executes arbitrary Python code via Jupyter for any verified user, even when the admin has set ENABLE_CODE_EXECUTION=false. The feature gate is...

8.8 CVSS · 6 AI score · 0.00079 EPSS
Exploits: 2 · References: 1
NVD
added 2026/05/15 9:16 p.m. · 8 views

CVE-2026-45672

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the /api/v1/utils/code/execute endpoint executes arbitrary Python code via Jupyter for any verified user, even when the admin has set ENABLE_CODE_EXECUTION=false. The feature gate is...

8.8 CVSS · 0.00079 EPSS
Exploits: 2 · References: 1
ATTACKERKB
added 2026/05/15 8:55 p.m. · 6 views

CVE-2026-45672

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the /api/v1/utils/code/execute endpoint executes arbitrary Python code via Jupyter for any verified user, even when the admin has set ENABLE_CODE_EXECUTION=false. The feature gate is...

8.8 CVSS · 6 AI score · 0.00079 EPSS
Exploits: 2 · References: 2 · Affected Software: 1
Vulnrichment
added 2026/05/15 8:55 p.m. · 4 views

CVE-2026-45672 Open WebUI: Jupyter code execution works despite `ENABLE_CODE_EXECUTION=false` — feature gate bypassed

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the /api/v1/utils/code/execute endpoint executes arbitrary Python code via Jupyter for any verified user, even when the admin has set ENABLE_CODE_EXECUTION=false. The feature gate is...

8.8 CVSS · 6 AI score · 0.00079 EPSS
Exploits: 2 · References: 1
Cvelist
added 2026/05/15 8:55 p.m. · 35 views

CVE-2026-45672 Open WebUI: Jupyter code execution works despite `ENABLE_CODE_EXECUTION=false` — feature gate bypassed

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the /api/v1/utils/code/execute endpoint executes arbitrary Python code via Jupyter for any verified user, even when the admin has set ENABLE_CODE_EXECUTION=false. The feature gate is...

8.8 CVSS · 0.00079 EPSS
Exploits: 2 · References: 1
NVD
added 2026/05/15 5:16 p.m. · 7 views

CVE-2026-44641

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.8.12, Microsoft APM normalizes marketplace plugins by copying plugin components referenced in plugin.json into .apm/. The manifest fields agents, skills, commands, and hooks are attacker-controlled, but...

7.1 CVSS · 0.00057 EPSS
Exploits: 0 · References: 1
EUVD
added 2026/05/15 4:0 p.m. · 5 views

EUVD-2026-30562

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.8.12, Microsoft APM normalizes marketplace plugins by copying plugin components referenced in plugin.json into .apm/. The manifest fields agents, skills, commands, and hooks are attacker-controlled, but...

7.1 CVSS · 5.9 AI score · 0.00057 EPSS
Exploits: 0 · References: 1
ATTACKERKB
added 2026/05/15 4:0 p.m. · 3 views

CVE-2026-44641

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.8.12, Microsoft APM normalizes marketplace plugins by copying plugin components referenced in plugin.json into .apm/. The manifest fields agents, skills, commands, and hooks are attacker-controlled, but...

7.1 CVSS · 5.9 AI score · 0.00057 EPSS
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2026/05/15 12:0 a.m. · 6 views

APM – Agent Package Manager path traversal vulnerability

APM – Agent Package Manager is an open-source AI-based dependency management tool developed by Microsoft. Versions of APM prior to 0.8.12 contained a path traversal vulnerability. This vulnerability stemmed from the lack of verification that the plugin paths were within the plugin directory, whic...

7.1 CVSS · 5.8 AI score · 0.00057 EPSS
Exploits: 0 · References: 1
Patchstack
added 2026/05/08 7:0 p.m. · 3 views

NPM: open-webui Vulnerable to Stored XSS via Model Description

NPM: open-webui Vulnerable to Stored XSS via Model Description vulnerability discovered by ? in WordPress Npm open-webui versions = 0.8.12...

7.3 CVSS · 7.2 AI score · 0.00036 EPSS
Exploits: 1 · References: 3 · Affected Software: 1
vulnersOsv
added 2026/04/22 8:23 p.m. · 5 views

2c2p-integration (>=0.2.0 <=0.2.2), 2d-game-assets (=0.0.1) +5992 more potentially affected by CVE-2026-41673 via @xmldom/xmldom (>=0.7.0 <=0.8.12)

@xmldom/xmldom NPM version =0.7.0, =0.2.0, =1.0.8, =0.1.3, =0.0.7, =0.3.31, =0.1.3, =1.0.4, =1.0.5 and more Source cves: CVE-2026-41673 Source advisory: OSV:GHSA-2V35-W6HQ-6MFW...

8.7 CVSS · 5.8 AI score · 0.0004 EPSS
Exploits: 0
vulnersOsv
added 2026/04/22 8:17 p.m. · 3 views

2c2p-integration (>=0.2.0 <=0.2.2), 2d-game-assets (=0.0.1) +5992 more potentially affected by CVE-2026-41675 via @xmldom/xmldom (>=0.7.0 <=0.8.12)

@xmldom/xmldom NPM version =0.7.0, =0.2.0, =1.0.8, =0.1.3, =0.0.7, =0.3.31, =0.1.3, =1.0.4, =1.0.5 and more Source cves: CVE-2026-41675 Source advisory: OSV:GHSA-X6WF-F3PX-WCQX...

8.7 CVSS · 5.8 AI score · 0.0002 EPSS
Exploits: 0
SUSE CVE
added 2026/04/03 11:25 p.m. · 5 views

SUSE CVE-2026-34601

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...

7.5 CVSS · 5.7 AI score · 0.00019 EPSS
Exploits: 0 · References: 3
EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2021-1092

Malware in sbrugna...

9.8 CVSS · 9.3 AI score · 0.00849 EPSS
Exploits: 1 · References: 6
CNNVD
added 2025/01/29 12:0 a.m. · 2 views

image_picker_android security vulnerability

image_picker_android is a Flutter package open-sourced by Flutter. A security vulnerability exists in image_picker_android versions 0.8.5+6 through 0.8.12+17, which stems from a lack of cleanup checks on filenames, and makes it vulnerable to malicious document providers...

7.1 CVSS · 6.5 AI score · 0.0002 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2025/01/29 12:0 a.m. · 3 views

PT-2025-3026 · Unknown · Image Picker Android +1

Name of the Vulnerable Software and Affected Versions: image picker versions prior to 0.8.12+18 image picker android versions prior to 0.8.12+18 Description: The file names constructed within image picker are missing sanitization checks, leaving them vulnerable to malicious document providers. Th...

7.1 CVSS · 7.1 AI score · 0.0002 EPSS
Exploits: 0 · References: 7
Positive Technologies
added 2024/05/20 12:0 a.m. · 2 views

PT-2024-20341 · Unknown · @Blackprint/Engine

Name of the Vulnerable Software and Affected Versions: @blackprint/engine versions 0.8.12 through 0.9.1 Description: A Prototype Pollution issue allows an attacker to execute arbitrary code via the utils.setDeepProperty function of engine.min.js. This issue enables the execution of arbitrary code...

9.8 CVSS · 7.8 AI score · 0.00152 EPSS
Exploits: 0 · References: 6
CNNVD
added 2024/04/29 12:0 a.m. · 2 views

Open Networking Foundation ONOS security vulnerability

Open Networking Foundation ONOS is an open source SDN controller from the Open Networking Foundation for building next-generation SDN/NFV solutions. A security vulnerability exists in Open Networking Foundation ONOS onos-ric-sdk-go version 0.8.12, which stems from an infinite duplicate...

6.5 CVSS · 6.8 AI score · 0.00098 EPSS
Exploits: 1 · References: 2
NVD
added 2020/10/02 10:15 a.m. · 7 views

CVE-2020-7736

The package bmoor before 0.8.12 is vulnerable to Prototype Pollution via the set function...

9.8 CVSS · 0.00849 EPSS
Exploits: 1 · References: 2
Positive Technologies
added 2020/10/02 12:0 a.m. · 2 views

PT-2020-19753 · Bmoor · Bmoor

Name of the Vulnerable Software and Affected Versions: bmoor versions prior to 0.8.12 Description: The issue concerns Prototype Pollution via the set function. Recommendations: For versions prior to 0.8.12, update to version 0.8.12 or later to resolve the issue...

9.8 CVSS · 9.3 AI score · 0.00849 EPSS
Exploits: 1 · References: 10