CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added yesterday•5 views

CVE-2026-54021

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access...

6.3CVSS0.00044EPSS

CVE•added yesterday•10 views

CVE-2026-54021

Summary: Open WebUI prior to 0.9.6 allows any authenticated user to direct requests to arbitrary Ollama backends by appending a caller-supplied url_idx, bypassing backend-level isolation and possibly reaching restricted or disabled backends. The issue arises on index-addressed Ollama proxy routes...

6.3CVSS6AI score0.00044EPSS

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability in sane-backends

A out-of-bounds read in SANE backends before version 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, known as GHSL-2020-082...

4.3CVSS6.1AI score0.01077EPSS

Exploits1References1

AstraLinux•added 5 days ago•6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

Rogue backends can cause Denial of Service DoS attacks on guests through high-frequency events. This CNA information record relates to multiple Common Vulnerabilities and Exposures CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Xen allows for the execution of PV...

6.5CVSS6.8AI score0.00332EPSS

RedhatCVE•added 6 days ago•9 views

CVE-2026-34356

A flaw was found in Apache HTTP Server. This heap-based buffer overflow vulnerability can be exploited by a malicious backend server when using ProxyPassReverseCookie directives. This could lead to a denial of service DoS condition, making the server unavailable to legitimate users. Mitigation To...

7.5CVSS5.5AI score0.00682EPSS

Exploits0References4

Snyk•added 6 days ago•4 views

Partial String Comparison

Overview Affected versions of this package are vulnerable to Partial String Comparison via the router component. An attacker can route requests to unintended backend servers by sending crafted HTTP requests with manipulated Host headers. Remediation A fix was pushed into the master branch but not...

6.9CVSS5.9AI score0.00395EPSS

Snyk•added 6 days ago•5 views

Partial String Comparison

6.9CVSS5.9AI score0.00395EPSS

Github Security Blog•added last week•10 views

Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter

Summary Several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access control on these routes validates only whether the user may use the requested model, never which backend the...

6.3CVSS5.6AI score0.00044EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2026/06/17 12:0 a.m.•11 views

PT-2026-50592

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description Several direct, index-addressed Ollama proxy routes allow authenticated users to bypass backend isolation. The system accepts a caller-supplied url idx path parameter and uses it as a raw index in...

6.3CVSS5.9AI score0.00044EPSS

Exploits0References4

Snyk•added 2026/06/11 12:0 a.m.•3 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data. The Kryo-based persistence serializers KryoStateMachineSerialisationService / AbstractKryoStateMachineSerialisationService deserialise persisted state-machine contexts without enabling...

8.8CVSS6.5AI score

Snyk•added 2026/06/11 12:0 a.m.•4 views

Deserialization of Untrusted Data

8.8CVSS6.5AI score

F5 Networks•added 2026/06/10 7:18 p.m.•7 views

K000161670: Apache HTTP Server vulnerability CVE-2026-33523

Security Advisory Description HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

6.5CVSS5.4AI score0.00436EPSS

Exploits0

SUSE CVE•added 2026/06/10 2:28 a.m.•8 views

SUSE CVE-2026-34356

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

NVD•added 2026/06/08 4:16 p.m.•13 views

Exploits0References3

CVE-2026-34356

7.5CVSS0.00682EPSS

EUVD•added 2026/06/08 3:12 p.m.•5 views

EUVD-2026-35089

CVE•added 2026/06/08 3:12 p.m.•26 views

CVE-2026-34356

CVE-2026-34356 is a heap-based buffer overflow in Apache HTTP Server (affecting 2.4.0–2.4.67) involving malicious backend servers and ProxyPassReverseCookie. The issue could allow a crash or similar impact (per CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H; base score 7.5). Fixed by upgrading to...

Exploits0References2Affected Software1

AlpineLinux•added 2026/06/08 3:12 p.m.•8 views

CVE-2026-34356