8763 matches found
CVE-2026-5027
The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences '../'...
CVE-2026-5027
The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences '../'...
CVE-2026-5027
Langflow
OESA-2026-1719 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
OESA-2026-1717 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
Cross Site Scripting(XSS)
github.com/xyproto/algernon is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper sanitization of filename inputs, which allows an attacker to inject a crafted payload and execute arbitrary code...
EUVD-2026-16422
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-28786
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message — including th...
PT-2026-28741
Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.10.0 Description A path traversal flaw exists in the 'POST /api/v2/files' endpoint due to inadequate sanitization of the filename parameter within multipart form data. This allows an attacker to use traversal...
Langflow 安全漏洞
Langflow is an open-source visualization framework developed by Langflow for building multi-agent and RAG applications. Langflow has a security vulnerability that stems from the lack of cleanup of the filename parameter in the multipart form data when the endpoint POST /api/v2/files is used. This...
CVE-2026-28786 Open WebUI vulnerable to Path Traversal in `POST /api/v1/audio/transcriptions`
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message — including th...
CVE-2026-28786
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message — including th...
CVE-2026-1556
A flaw was found in Drupal File Field Paths. This information disclosure vulnerability allows authenticated users to disclose other users’ private files. This can be exploited by performing filename-collision uploads, which causes the system to receive incorrect file Uniform Resource Identifiers...
CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
UBUNTU-CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-1556 Information disclosure via file URI overwrite in File (Field) Paths
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-1556
CVE-2026-1556 affects Drupal 7.x (File (Field) Paths module). The vulnerability arises in the processing of file URIs for File (Field) Paths when filenames collide during uploads, allowing an authenticated user to disclose private files belonging to other users. This can cause hook_node_insert() ...
CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-33653 Uploady Vulnerable to Stored Cross-Site Scripting (XSS)
Ulloady is a file uploader script with multi-file upload support. A Stored Cross-Site Scripting XSS vulnerability exists in versions prior to 3.1.2 due to improper sanitization of filenames during the file upload process. An attacker can upload a file with a malicious filename containing JavaScri...