9920 matches found
2026-07 .NET 8.0.29 Security Update for x86 Client (KB5104032)
2026-07 .NET 8.0.29 Security Update for x86 Client KB5104032...
2026-07 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5099539)
2026-07 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems KB5099539...
2026-07 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5099535)
2026-07 Cumulative Update for Windows Server 2016 for x64-based Systems KB5099535...
2026-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5099538)
2026-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems KB5099538...
2026-07 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5099538)
2026-07 Cumulative Update for Windows 10 Version 1809 for x86-based Systems KB5099538...
2026-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5099535)
2026-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems KB5099535...
July 14, 2026—KB5099444 (Monthly Rollup)
None None...
July 14, 2026—KB5099539 (OS Builds 19045.7548 and 19044.7548)
None None...
July 14, 2026—KB5099538 (OS Build 17763.9020)
None None...
July 14, 2026—KB5099414 (OS Build 22631.7376)
None None...
July 14, 2026—KB5101649 (OS Build 28000.2525)
None None...
WordPress BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot plugin <= 4.6.0 - Authenticated (Custom+) SQL Injection vulnerability
Authenticated Custom+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin BetterDocs versions = 4.6.0...
CVE-2026-59217
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the file upload path accepted metadata.knowledgeid and auto-linked uploaded files to a target knowledge base without applying the write-access check used by /api/v1/knowledge//file/add, allowing...
CVE-2026-59217 Open WebUI: Upload `metadata.knowledge_id` bypasses the knowledge-base write-access check (read-only users can add files to KB)
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the file upload path accepted metadata.knowledgeid and auto-linked uploaded files to a target knowledge base without applying the write-access check used by /api/v1/knowledge//file/add, allowing...
CVE-2026-59217 Open WebUI: Upload `metadata.knowledge_id` bypasses the knowledge-base write-access check (read-only users can add files to KB)
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the file upload path accepted metadata.knowledgeid and auto-linked uploaded files to a target knowledge base without applying the write-access check used by /api/v1/knowledge//file/add, allowing...
CVE-2026-59217
Open WebUI prior to version 0.10.0 allowed a metadata.knowledge_id value in file uploads to auto-link files to a knowledge base, bypassing the write-access check on /api/v1/knowledge//file/add. This enabled read-only knowledge-base users to add arbitrary files. The issue is fixed in version 0.10....
EUVD-2026-41429
LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...
CVE-2026-59098
LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...
CVE-2026-59098 LobeChat 2.2.9 - Cross-User Document Disclosure via Unscoped RAG Semantic Search
LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...
CVE-2026-59098 LobeChat 2.2.9 - Cross-User Document Disclosure via Unscoped RAG Semantic Search
LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...