3 matches found
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2026-0766 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2026-0766 Source advisory: SNYK:PYTHON-OPENWEBUI-15091593...
CVE-2026-0766
Open WebUI loadtoolmodulebyid Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0766
creationtimestamp| type| source ---|---|--- 2026-01-09 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-032/ 2026-01-23 06:40:18+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md33r42wu32h 2026-01-23 08:51:48+00:00| seen|...