Lucene search
+L

255 matches found

NVD
NVD
added 2026/07/09 5:17 p.m.6 views

CVE-2026-59214

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, Open WebUI runs client-side Python with Pyodide in a same-origin web worker, allowing stored chat payloads that use pyodide.http.pyfetch or the js module fetch and XMLHttpRequest APIs to issue...

9CVSS0.00285EPSS
Exploits0References1
OSV
OSV
added 2026/07/08 4:27 p.m.4 views

OPENSUSE-SU-2026:21277-1 Security update for go-sendxmpp

This update for go-sendxmpp fixes the following issues: Changes in go-sendxmpp: - Update to 0.16.0: Added: Add Ox support to http-upload. Add Ox support for private group chats. Show error cause if joining MUCs failedi requires go-xmpp = v0.3.5. Changed: Fix --ox-delete-nodes. Fix receiving of 1-...

9.8CVSS6.8AI score0.00478EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 5:18 p.m.7 views

GHSA-W5WW-7CHG-MXCQ OpenClaw: Telegram interactive callbacks could skip commands.allowFrom

Summary Telegram interactive callbacks could skip commands.allowFrom. In affected versions, a Telegram user able to invoke an affected callback could mark the callback as an authorized sender before applying commands.allowFrom. This advisory is scoped to the named feature and configuration. It do...

8.8CVSS6AI score0.00312EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 6:18 p.m.19 views

CVE-2026-54010

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets an authenticated user attach arbitrary fileid values to their own chat message without checking whether they own or can read those files. If the attacker then shares...

8.3CVSS0.00241EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2026/06/17 1:51 p.m.20 views

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence AI provider keys. "Every plugin poses as an AI coding assistant built on DeepSeek and other lar...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/12 8:25 p.m.3 views

CVE-2026-45085 Discourse: Chat misauthorization and information disclosure

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, four authorization/disclosure issues in the chat plugin one also involving discourse-calendar: read-only category users...

5.3CVSS5.9AI score0.00213EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 8:22 p.m.10 views

EUVD-2026-36582

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, chat events for public category channels are published to MessageBus without permission scoping, so any MessageBus...

7.5CVSS5.3AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/25 2:15 p.m.17 views

EUVD-2018-21883

Soroush IM Desktop App 0.17.0 contains an authentication bypass vulnerability that allows local attackers to remove passcodes by injecting pre-encrypted database entries using a constant encryption key. Attackers can inject malicious database records into the application's database files to unloc...

7CVSS5.8AI score0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/19 7:57 a.m.14 views

CVE-2026-45671

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile...

8CVSS5.7AI score0.0027EPSS
Exploits1References1
NVD
NVD
added 2026/05/15 8:16 p.m.30 views

CVE-2026-45671

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile...

8CVSS0.0027EPSS
Exploits1References1
OSV
OSV
added 2026/05/14 8:28 p.m.7 views

GHSA-26G9-27VM-X3Q8 Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion

Summary Any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile authorization gate unconditionally grants access through its shared-chat branch. It checks neither the requesting...

8CVSS5.7AI score0.0027EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/14 8:28 p.m.10 views

Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion

Summary Any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile authorization gate unconditionally grants access through its shared-chat branch. It checks neither the requesting...

8CVSS5.7AI score0.0027EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2026/05/14 8:28 p.m.11 views

Authorization Bypass Through User-Controlled Key

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the hasaccesstofile process. An attacker can permanently delete files owned by other users, as well as read or modify their contents, by leveraging access t...

8.6CVSS5.8AI score0.0027EPSS
Exploits1References2
OSV
OSV
added 2026/05/14 8:18 p.m.13 views

GHSA-J6W6-986J-2M2M Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF) via Image URL Manipulation

Summary An application-wide Cross-Site Request Forgery CSRF vulnerability was found Open-WebUl's image uploading functionality. An attacker can set an image URL to a malicious endpoint, allowing them to perform actions on behalf of a victim user. Any authenticated user can exploit this...

4.6CVSS5.8AI score0.00165EPSS
Exploits1References4
The Hacker News
The Hacker News
added 2026/05/14 4:7 p.m.12 views

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game for clout and cash. Half of it feels new. Half of it feels like crap we should have fixed years ago...

9.8CVSS7.1AI score0.32074EPSS
Exploits6
Malwarebytes
Malwarebytes
added 2026/05/12 3:46 p.m.20 views

Fake Claude search results lure Mac users into ClickFix attack

Researchers found that cybercriminals are using sponsored search results and shared Claude chats to lure victims into a typical ClickFix attack to install malware on macOS devices. ClickFix is a social engineering method that tricks users into infecting their own device with malware. Users are...

6.5AI score
Exploits0
EUVD
EUVD
added 2026/05/11 6:31 p.m.12 views

EUVD-2026-29138

OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies direct messages as group conversations. Attackers can bypass dmPolicy enforcement by triggering card-action flows in direct message conversations that should have been...

5.4CVSS5.8AI score0.00265EPSS
Exploits0References4
CVE
CVE
added 2026/05/11 4:46 p.m.23 views

CVE-2026-44993

OpenClaw prior to 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies direct messages as group conversations. This flaw allows attackers to bypass dmPolicy enforcement by triggering card-action flows within direct message conversations that...

5.4CVSS5.8AI score0.00265EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/11 4:46 p.m.8 views

CVE-2026-44993 OpenClaw < 2026.4.20 - Direct Message Misclassification in Feishu Card Actions

OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies direct messages as group conversations. Attackers can bypass dmPolicy enforcement by triggering card-action flows in direct message conversations that should have been...

5.4CVSS5.8AI score0.00265EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/11 4:46 p.m.9 views

CVE-2026-44993

OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies direct messages as group conversations. Attackers can bypass dmPolicy enforcement by triggering card-action flows in direct message conversations that should have been...

5.4CVSS5.8AI score0.00265EPSS
Exploits0References4
Rows per page
Query Builder