Lucene search
K

44489 matches found

Cvelist
Cvelist
added 2026/05/15 9:40 p.m.37 views

CVE-2026-44565 Open WebUI: Open WebUI Arbitrary File Write, Delete via Path Traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

8.1CVSS0.00454EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/15 9:40 p.m.6 views

CVE-2026-44565 Open WebUI: Open WebUI Arbitrary File Write, Delete via Path Traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

8.1CVSS5.8AI score0.00454EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 9:40 p.m.24 views

CVE-2026-44565

CVE-2026-44565 affects Open WebUI prior to 0.6.10. The upload API derives the target path from the original HTTP upload filename without validation, enabling dot-segment path traversal and arbitrary file writes to locations the web server user can access. This is fixed in 0.6.10. Mitigation guida...

8.1CVSS5.8AI score0.00454EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/15 9:1 p.m.38 views

CVE-2026-44566 Open WebUI: Arbitrary File Upload and Path Traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when attaching files to a promp, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with...

7.3CVSS0.00336EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/15 9:1 p.m.9 views

CVE-2026-44566 Open WebUI: Arbitrary File Upload and Path Traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when attaching files to a promp, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with...

7.3CVSS5.8AI score0.00336EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 9:1 p.m.23 views

CVE-2026-44566

Open WebUI prior to version 0.1.124 is affected by an arbitrary file upload and path traversal vulnerability. The issue occurs in the /rag/api/v1/doc upload endpoint, where the uploaded file’s name is derived from the HTTP request and is not validated or sanitized, allowing dot-segments in the fi...

9.8CVSS5.8AI score0.00336EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 9:1 p.m.5 views

CVE-2026-44566

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when attaching files to a promp, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with...

7.3CVSS5.8AI score0.00336EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/15 4:55 p.m.13 views

Pipecat: Path Traversal in Pipecat Runner `/files` Endpoint — Arbitrary File Read via `%2F`-Encoded Separator

Summary A path traversal vulnerability exists in Pipecat's development runner src/pipecat/runner/run.py. When the runner is started with the --folder flag, it exposes a GET /files/filename:path download endpoint. The filename path parameter is concatenated directly onto args.folder with no...

7.5CVSS5.9AI score0.00423EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/05/15 4:55 p.m.10 views

GHSA-3363-2PH6-35WH Pipecat: Path Traversal in Pipecat Runner `/files` Endpoint — Arbitrary File Read via `%2F`-Encoded Separator

Summary A path traversal vulnerability exists in Pipecat's development runner src/pipecat/runner/run.py. When the runner is started with the --folder flag, it exposes a GET /files/filename:path download endpoint. The filename path parameter is concatenated directly onto args.folder with no...

7.5CVSS5.9AI score0.00423EPSS
Exploits1References6
Snyk
Snyk
added 2026/05/15 4:55 p.m.13 views

Directory Traversal

Overview pipecat-ai is an An open source framework for voice and multimodal assistants Affected versions of this package are vulnerable to Directory Traversal via the downloadfile function in the GET /files/filename:path endpoint when the process is started with the --folder flag. An attacker can...

8.7CVSS6.3AI score0.00423EPSS
Exploits1References2
OSV
OSV
added 2026/05/15 4:27 p.m.6 views

GHSA-GCMJ-C9GG-9VH6 @joplin/onenote-converter: Path traversal in OneNote importer allows overwriting arbitrary files

Summary A path traversal vulnerability in the OneNote importer allows overwriting arbitrary files on disk. Details The OneNote converter does not sanitize the names of embedded files before writing them to disk. As a result, it's possible for an attacker to create a malicious .one file that...

8.2CVSS6.2AI score0.00206EPSS
Exploits0References7
OSV
OSV
added 2026/05/15 2:3 p.m.5 views

OESA-2026-2356 evolution-data-server security update

The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...

5.6CVSS5.9AI score0.00189EPSS
Exploits0References2
OSV
OSV
added 2026/05/15 2:3 p.m.8 views

OESA-2026-2354 evolution-data-server security update

The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...

5.6CVSS5.9AI score0.00189EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/05/15 10:15 a.m.12 views

WordPress Quick Playground plugin <= 1.3.3 - Unauthenticated Path Traversal to Arbitrary File Read vulnerability

Unauthenticated Path Traversal to Arbitrary File Read vulnerability discovered by ? in WordPress Plugin Quick Playground versions = 1.3.3...

7.5CVSS5.8AI score0.00811EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/15 7:46 a.m.7 views

CVE-2026-6403 Quick Playground <= 1.3.3 - Unauthenticated Path Traversal to Arbitrary File Read via 'stylesheet' Parameter

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in versions up to and including 1.3.3. This is due to insufficient path validation in the qckplyziptheme function, which appends a user-controlled 'stylesheet' parameter directly to the theme root directory path without...

7.5CVSS5.9AI score0.00811EPSS
Exploits0References11
CVE
CVE
added 2026/05/15 7:46 a.m.13 views

CVE-2026-6403

The Quick Playground plugin for WordPress (up to version 1.3.3) is vulnerable to a Path Traversal flaw. The root cause is insufficient validation in the qckply_zip_theme() function, which directly appends a user-controlled 'stylesheet' parameter to the theme root directory path without sanitizing...

7.5CVSS5.9AI score0.00811EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/05/15 1:57 a.m.7 views

CVE-2026-37430

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

7.3CVSS6.2AI score0.00284EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.16 views

PT-2026-41386

Name of the Vulnerable Software and Affected Versions Joplin versions prior to 3.5.7 Description A path traversal issue exists in the OneNote importer. The OneNote converter fails to sanitize the names of embedded files before writing them to disk. An attacker can create a malicious .one file...

8.2CVSS6.3AI score0.00206EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.13 views

Adobe Substance 3D Designer <= 15.1.0 Multiple Vulnerabilities (APSB26-52)

The version of Adobe Substance 3D Designer installed on the remote host is prior or equal to 15.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-52 advisory. - Substance3D - Designer versions 15.1.0 and earlier are affected by a Server-Side Request Forgery...

7.8CVSS6.4AI score0.00177EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

APM – Agent Package Manager 路径遍历漏洞

APM – Agent Package Manager is an AI-based dependency management tool open sourced by Microsoft. Versions of APM prior to 0.13.0 contained a path traversal vulnerability. This vulnerability stemmed from a Windows-specific archive extraction boundary failure. When using apm install with Python 3.1...

5.5CVSS5.9AI score0.0061EPSS
Exploits0References1
Rows per page
Query Builder