CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4 matches found

EUVD•added 2025/12/04 10:3 p.m.•2 views

EUVD-2025-201263

Open WebUI Vulnerable to Stored DOM XSS via Note 'Download PDF'...

8.7CVSS5.5AI score0.00028EPSS

Exploits1References4

NVD•added 2025/12/04 9:16 p.m.•2 views

CVE-2025-65959

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Stored XSS vulnerability was discovered in Open-WebUI's Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing...

8.7CVSS0.00028EPSS

Exploits1References2

Cvelist•added 2025/12/04 8:46 p.m.•19 views

CVE-2025-65959 Open WebUI vulnerable to Stored DOM XSS via Note 'Download PDF'

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Stored XSS vulnerability was discovered in Open-WebUI's Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing...

8.7CVSS0.00028EPSS

Exploits1References2

OSV•added 2025/12/04 8:46 p.m.•2 views

CVE-2025-65959 Open WebUI vulnerable to Stored DOM XSS via Note 'Download PDF'

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Stored XSS vulnerability was discovered in Open-WebUI's Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing...

8.7CVSS6.6AI score0.00028EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by