Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

NVD
NVDadded 2026/03/27 11:17 p.m.0 views

CVE-2026-4992

A flaw has been found in wandb OpenUI up to 1.0. This affects the function createshare/getshare of the file backend/openui/server.py of the component HTMLAnnotator Component. Executing a manipulation of the argument ID can lead to HTML injection. The attack may be performed from remote. The explo...

5.3CVSS0.00013EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/03/27 10:3 p.m.24 views

CVE-2026-4992 wandb OpenUI HTMLAnnotator server.py get_share HTML injection

A flaw has been found in wandb OpenUI up to 1.0. This affects the function createshare/getshare of the file backend/openui/server.py of the component HTMLAnnotator Component. Executing a manipulation of the argument ID can lead to HTML injection. The attack may be performed from remote. The explo...

5.3CVSS0.00013EPSS
Exploits0References4
CVE
CVEadded 2026/03/27 10:3 p.m.7 views

CVE-2026-4992

WandB OpenUI vulnerability CVE-2026-4992 affects the HTMLAnnotator component, specifically the create_share/get_share function in backend/openui/server.py. The issue arises from manipulating the ID argument, enabling HTML injection. Exploitation is possible remotely and the exploit has been publi...

5.3CVSS5.5AI score0.00013EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/27 10:3 p.m.1 views

CVE-2026-4992

A flaw has been found in wandb OpenUI up to 1.0. This affects the function createshare/getshare of the file backend/openui/server.py of the component HTMLAnnotator Component. Executing a manipulation of the argument ID can lead to HTML injection. The attack may be performed from remote. The explo...

5.3CVSS5.5AI score0.00013EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2026/03/27 12:0 a.m.1 views

PT-2026-28710

Name of the Vulnerable Software and Affected Versions wandb OpenUI versions up to 1.0 Description A flaw exists in wandb OpenUI, specifically within the HTMLAnnotator component. The issue resides in the create share/get share function located in the backend/openui/server.py file. Manipulation of...

5.3CVSS5.8AI score0.00013EPSS
Exploits0References9
Rows per page
Query Builder