Lucene search
K

428 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 7:15 p.m.6 views

CVE-2026-44016

A flaw was found in Docling. If the HTML backend is explicitly configured for rendering, a remote attacker could exploit a vulnerability in the Playwright-based rendering feature by crafting malicious HTML documents. This could allow the attacker to execute arbitrary JavaScript or make unauthoriz...

8.2CVSS6.3AI score0.00384EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/24 5:42 p.m.4 views

CVE-2026-44016 Docling: Unsafe Playwright-based HTML Rendering

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering...

8.2CVSS6.7AI score0.00384EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 5:42 p.m.32 views

CVE-2026-44016

Docling (Python SDK) versions 2.82.0–2.90.x are affected when the HTML backend is explicitly enabled for rendering. The Playwright-based rendering had a vulnerability that could allow JavaScript execution and unrestricted network access in the rendering context for untrusted HTML, enabling potent...

8.2CVSS6.7AI score0.00384EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/24 5:42 p.m.2 views

CVE-2026-44016 Docling: Unsafe Playwright-based HTML Rendering

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering...

8.2CVSS6.7AI score0.00384EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/24 5:42 p.m.30 views

CVE-2026-44016 Docling: Unsafe Playwright-based HTML Rendering

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering...

8.2CVSS0.00384EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 4:42 p.m.27 views

CVE-2026-54018

Open WebUI (self-hosted offline AI) contains SSRF protection bypass in the Playwright Web Loader prior to version 0.9.6. The validator checks only the initial URL; Playwright follows redirects (301/302) by default, allowing an attacker-supplied URL that redirects to internal addresses (e.g., loca...

7.7CVSS5.9AI score0.00287EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/06/23 4:42 p.m.2 views

CVE-2026-54018 Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the SafePlaywrightURLLoader implements a validateurl function to prevent SSRF attacks by checking the IP address of the user-provided URL. However, this validation is performed only ...

7.7CVSS6AI score0.00287EPSS
Exploits1References3
OSV
OSV
added 2026/06/17 5:55 p.m.6 views

GHSA-JRFP-M64G-PCWV Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects

Summary The SafePlaywrightURLLoader implements a validateurl function to prevent SSRF attacks by checking the IP address of the user-provided URL. However, this validation is performed only on the initial URL. Since Playwright automatically follows HTTP redirects 301/302 by default, an attacker c...

7.7CVSS5.5AI score0.00287EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/17 5:55 p.m.12 views

Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects

Summary The SafePlaywrightURLLoader implements a validateurl function to prevent SSRF attacks by checking the IP address of the user-provided URL. However, this validation is performed only on the initial URL. Since Playwright automatically follows HTTP redirects 301/302 by default, an attacker c...

7.7CVSS5.4AI score0.00287EPSS
Exploits1References2Affected Software1
Snyk
Snyk
added 2026/06/17 5:55 p.m.6 views

Server-side Request Forgery (SSRF)

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the validateurl process. An attacker can access internal network resources and sensitive information by supplying a URL that redirects to internal addresses, bypassing the...

7.7CVSS5.9AI score0.00287EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.14 views

PT-2026-50590

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description The SafePlaywrightURLLoader uses a validate url function to prevent Server-Side Request Forgery SSRF by checking the IP address of a user-provided URL. However, this validation only occurs for the...

7.7CVSS5.9AI score0.00287EPSS
Exploits1References4
NVD
NVD
added 2026/06/11 9:16 p.m.12 views

CVE-2026-53812

OpenClaw before 2026.5.18 contains a server-side request forgery vulnerability in browser control that allows authenticated users to bypass private-network navigation checks through Playwright act interactions. Attackers can trigger navigation to private-network targets via action-triggered...

7.7CVSS0.00247EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:7 p.m.10 views

CVE-2026-53812 OpenClaw < 2026.5.18 - Private-Network Navigation Bypass via Browser Act Interactions

OpenClaw before 2026.5.18 contains a server-side request forgery vulnerability in browser control that allows authenticated users to bypass private-network navigation checks through Playwright act interactions. Attackers can trigger navigation to private-network targets via action-triggered...

7.7CVSS5.2AI score0.00247EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.18 had code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing issues in browser control, allowing authenticated users to bypass private network...

7.7CVSS5.4AI score0.00247EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.11 views

CVE-2026-41512

ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability via JavaScript injection in BrowserAutomation::PlaywrightService. This issue has been patched in version 1.4.1...

9.9CVSS6.2AI score0.00587EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.13 views

Malicious code in autotel-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ac3753f5000aa2bef53314f8715b374c6996fd76c7646430af91f2549974118 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.16 views

MAL-2026-5256 Malicious code in executable-stories-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3137898a0ce7b26bf51153300f929a28c1d653830a2ddf7f57d7dea270e2a7e0 No concrete installer-harm signals were identified in this version. No lifecycle hooks fetching remote payloads, no credential or environment scrapin...

6.2AI score
Exploits0References8
OSV
OSV
added 2026/06/04 8:59 p.m.6 views

ROOT-APP-NPM-CVE-2025-59288 CVE-2025-59288 in @rootio/playwright-core - Patched by Root

Root has patched CVE-2025-59288 in the @rootio/playwright-core package for Root:npm. Multiple fixed versions available...

5.3CVSS7.7AI score0.0022EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/06/03 9:9 p.m.17 views

Docling: Unsafe Playwright-based HTML Rendering

Impact In versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrusted HTML documents. An...

8.2CVSS6.5AI score0.00384EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/03 9:9 p.m.10 views

GHSA-PJ2V-GGQH-CMQ2 Docling: Unsafe Playwright-based HTML Rendering

Impact In versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrusted HTML documents. An...

8.2CVSS6.5AI score0.00384EPSS
Exploits0References3
Rows per page
Query Builder