22 matches found

RedhatCVE
added 2026/05/19 1:56 p.m. | 8 views

CVE-2026-44721

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting (XSS) vulnerability that allows any authenticated user with model creation permission (workspace.models) to execute arbitrary JavaScript in the browser of a...

CVSS 7.3 | AI score 7.4 | EPSS 0.00036
Exploits: 1 | References: 1

NVD
added 2026/05/15 9:16 p.m. | 6 views

CVE-2026-44721

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting (XSS) vulnerability that allows any authenticated user with model creation permission (workspace.models) to execute arbitrary JavaScript in the browser of a...

CVSS 7.3 | EPSS 0.00036
Exploits: 1 | References: 1

CVE
added 2026/05/15 8:2 p.m. | 6 views

CVE-2026-44721

CVE-2026-44721 documents a stored XSS in Open WebUI prior to version 0.9.0. The vulnerability arises from a flawed sanitizeResponseContent path that escapes HTML but does not neutralize a markdown link with a javascript: URI rendered via {@html}, enabling an authenticated user with workspace.mode...

CVSS 7.3 | AI score 7.4 | EPSS 0.00036
Exploits: 1 | References: 1 | Affected Software: 1

EUVD
added 2026/05/15 8:2 p.m. | 6 views

EUVD-2026-30625

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting (XSS) vulnerability that allows any authenticated user with model creation permission (workspace.models) to execute arbitrary JavaScript in the browser of a...

CVSS 7.3 | AI score 7.3 | EPSS 0.00036
Exploits: 1 | References: 1

Vulnrichment
added 2026/05/15 8:2 p.m. | 3 views

CVE-2026-44721 Open WebUI: Stored XSS via Model Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting (XSS) vulnerability that allows any authenticated user with model creation permission (workspace.models) to execute arbitrary JavaScript in the browser of a...

CVSS 7.3 | AI score 7.3 | EPSS 0.00036
Exploits: 1 | References: 1

ATTACKERKB
added 2026/05/15 8:2 p.m. | 2 views

CVE-2026-44721

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting (XSS) vulnerability that allows any authenticated user with model creation permission (workspace.models) to execute arbitrary JavaScript in the browser of a...

CVSS 7.3 | AI score 7.3 | EPSS 0.00036
Exploits: 1 | References: 2 | Affected Software: 1

ATTACKERKB
added 2026/05/15 7:48 p.m. | 4 views

CVE-2026-44555

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI supports model composition via basemodelid: a user-defined model (e.g., "Cheap Assistant") can reference an existing base model (e.g., "gpt-4-turbo-restricted") that provides...

CVSS 7.6 | AI score 5.9 | EPSS 0.00045
Exploits: 1 | References: 2 | Affected Software: 1

Snyk
added 2026/05/08 7:45 p.m. | 6 views

Missing Authorization

Overview: open-webui is an Open WebUI. Affected versions of this package are vulnerable to Missing Authorization in the basemodelid process. An attacker can gain unauthorized access to restricted models by creating a new model that chains to a restricted base model and invoking it, causing the serv...

CVSS 7.6 | AI score 5.8 | EPSS 0.00045
Exploits: 1 | References: 2

OSV
added 2026/05/08 7:0 p.m. | 2 views

GHSA-GF5M-WCRH-7928 open-webui Vulnerable to Stored XSS via Model Description

Important: Relationship to CVE-2024-7990. CVE-2024-7990 (issued by huntr.dev, March 2025) describes a stored XSS in the same field — the model description — but exploits a different bypass mechanism: a second-order injection through the sanitizeResponseContent function's video-tag placeholder...

CVSS 7.3 | AI score 6 | EPSS 0.00036
Exploits: 1 | References: 3

GitHub Security Blog
added 2026/05/08 7:0 p.m. | 4 views

open-webui Vulnerable to Stored XSS via Model Description

Important: Relationship to CVE-2024-7990. CVE-2024-7990 (issued by huntr.dev, March 2025) describes a stored XSS in the same field — the model description — but exploits a different bypass mechanism: a second-order injection through the sanitizeResponseContent function's video-tag placeholder...

CVSS 8.4 | AI score 6 | EPSS 0.00293
Exploits: 2 | References: 3 | Affected Software: 1

Positive Technologies
added 2026/05/08 12:0 a.m. | 4 views

PT-2026-39272

Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.0. Description: Open WebUI allows model composition through the base model id variable, where a user-defined model can reference a base model for inference. An access control flaw exists because the system verifi...

CVSS 7.6 | AI score 5.9 | EPSS 0.00045
Exploits: 1 | References: 5

Positive Technologies
added 2026/05/08 12:0 a.m. | 6 views

PT-2026-39294

Name of the Vulnerable Software and Affected Versions: Open WebUI versions 0.3.5 through 0.8.12. Description: A stored cross-site scripting (XSS) issue allows authenticated users with model creation permissions (workspace.models) to execute arbitrary JavaScript in the browsers of other users, including...

CVSS 7.3 | AI score 7.7 | EPSS 0.00036
Exploits: 1 | References: 6

Packet Storm News
added 2026/04/23 12:0 a.m. | 4 views

Keras 3.13.0 Safe Parallel ML Stress Test Generator

This script is a safe and lightweight stress-testing utility designed to simulate machine learning model generation workloads without actually allocating large memory or creating real heavy files. It was designed to test Keras 3.13.0...

AI score 5.7
Exploits: 0

GitHub Security Blog
added 2025/10/29 9:30 p.m. | 2 views

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw...

CVSS 9.8 | AI score 7.9 | EPSS 0.17218
Exploits: 0 | References: 6 | Affected Software: 1

Vulnrichment
added 2025/10/29 7:37 p.m. | 1 views

CVE-2025-11201 MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw...

CVSS 8.1 | AI score 7.5 | EPSS 0.17218
Exploits: 0 | References: 2

Cvelist
added 2025/10/29 7:37 p.m. | 5 views

CVE-2025-11201 MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw...

CVSS 8.1 | EPSS 0.17218
Exploits: 0 | References: 2

CVE
added 2025/10/29 7:37 p.m. | 14 views

CVE-2025-11201

CVE-2025-11201 is a Directory Traversal leading to Remote Code Execution in MLflow Tracking Server. The flaw arises from improper validation of a user-supplied model file path, allowing an attacker to execute code with the service account via crafted paths over the network without authentication....

CVSS 9.8 | AI score 8.3 | EPSS 0.17218
Exploits: 0 | References: 2 | Affected Software: 1

Positive Technologies
added 2025/10/03 12:0 a.m. | 2 views

PT-2025-40608

Name of the Vulnerable Software and Affected Versions: MLflow Tracking Server (affected versions not specified). Description: A directory traversal issue exists in the MLflow Tracking Server related to model creation. This allows for remote code execution. The issue involves the ability to traverse...

AI score 7.4 | EPSS 0.17218
Exploits: 0 | References: 2

CNNVD
added 2023/01/10 12:0 a.m. | 3 views

Microsoft 3D Builder Security Vulnerability

Microsoft 3D Builder, a tool for creating models and 3D printing from Microsoft USA, has a security vulnerability. No details of the vulnerability are currently available...

CVSS 7.8 | AI score 6.8 | EPSS 0.03609
Exploits: 0 | References: 4

CNNVD
added 2023/01/10 12:0 a.m. | 2 views

Microsoft 3D Builder Security Vulnerability

Microsoft 3D Builder, a tool for creating models and 3D printing from Microsoft USA, has a security vulnerability. No details of the vulnerability are currently available...

CVSS 7.8 | AI score 6.8 | EPSS 0.03901
Exploits: 0 | References: 4