336 matches found
CVE-2026-32994
The /api/v1/autotranslate.translateMessage endpoint in versions 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12 allows any authenticated user to retrieve the full content of any message from any room private groups, direct messages, channels by simply providing the target message ID...
EUVD-2026-30835
The /api/v1/autotranslate.translateMessage endpoint in versions 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12 allows any authenticated user to retrieve the full content of any message from any room private groups, direct messages, channels by simply providing the target message ID...
SUSE-SU-2026:1959-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...
CVE-2026-44559 Open WebUI: Missing Access Check on Channel Members Endpoint for Standard Channels
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the GET /api/v1/channels/id/members endpoint only checks membership for group and dm channel types lines 467-469. For standard channels — including private ones — there is no...
CVE-2026-44559 Open WebUI: Missing Access Check on Channel Members Endpoint for Standard Channels
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the GET /api/v1/channels/id/members endpoint only checks membership for group and dm channel types lines 467-469. For standard channels — including private ones — there is no...
CVE-2026-44559
Summary (CVE-2026-44559) Open WebUI’s channel membership endpoint has an access control flaw on standard channels. Prior to version 0.9.0, GET /api/v1/channels/{id}/members only enforced membership checks for channel types ‘group’ and ‘dm’; standard (including private) channels did not perform ch...
CVE-2026-44563 Open WebUI: Ollama Model Access Control Bypass via /api/generate, /api/embed, /api/embeddings, and /api/show
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /api/generate, /api/embed, /api/embeddings, and /api/show endpoints accept any model name from the user and forward the request to the Ollama backend without checking whether the...
CVE-2026-42883
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in the URL path, but fetches downloadable items solely by attacker-provided IDs without constraining...
EUVD-2026-29087
Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...
SUSE CVE-2026-43333
In the Linux kernel, the following vulnerability has been resolved: bpf: reject direct access to nullable PTRTOBUF pointers checkmemaccess matches PTRTOBUF via basetype which strips PTRMAYBENULL, allowing direct dereference without a null check. Map iterator ctx-key and ctx-value are PTRTOBUF |...
GHSA-C7WP-3QH5-55PV Open WebUI Missing Access Check on Channel Members Endpoint for Standard Channels
Missing Access Check on Channel Members Endpoint for Standard Channels Affected Component Channel members listing endpoint: - backend/openwebui/routers/channels.py lines 445-507, getchannelmembersbyid Affected Versions Current main branch and likely all versions with the channels feature...
Vaultwarden 安全漏洞
Vaultwarden is an alternative implementation of the Bitwarden server API, developed by Daniel García. Versions of Vaultwarden 1.35.4 and earlier contained a security vulnerability. This vulnerability stemmed from the lack of a hasfullaccess authorization check in the getorgcollectionsdetails...
EUVD-2026-26144
Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...
Paperclip: Cross-tenant agent API token minting via missing assertCompanyAccess on /api/agents/:id/keys
Isolated paperclip instance running in authenticated mode default config on a clean Docker image matching commit b649bd4 2026.411.0-canary.8, post the 2026.410.0 patch. This advisory was verified on an unmodified build. Summary POST /api/agents/:id/keys, GET /api/agents/:id/keys, and DELETE...
[20260513] - Core - Privilege escalation through com_users batch task
An improper access check allows privlege escalation through the comusers batch task...
BIT-JOOMLA-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
Joomla! Multiple Vulnerabilities (20260302, 20260303, 20260304, 20260305, 20260306)
Joomla! is prone to multiple vulnerabilities. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
EUVD-2026-17863
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...