Lucene search
K

4 matches found

OSV
OSV
added 6 days ago4 views

CVE-2026-59219 Open WebUI: Realtime endpoints accept Redis-revoked JWTs after signout/backchannel logout

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0 with Redis configured, Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket first-message authentication used decodetoken without the Redis-backed...

7.1CVSS6.1AI score0.00259EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/29 12:0 a.m.4 views

CacheCloud 代码注入漏洞

CacheCloud is a Redis cloud management platform open-sourced by SohuTV. A code injection vulnerability exists in CacheCloud 3.2.0 and earlier versions, which stems from an incorrect operation of the function preview in file...

5.4CVSS4.8AI score0.002EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/04/24 12:0 a.m.15 views

FreeBSD : redis,valkey -- DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client (af8d043f-20df-11f0-b9c5-000c295725e4)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the af8d043f-20df-11f0-b9c5-000c295725e4 advisory. Axel Mierczuk reports: By default, the Redis configuration does not limit the output buffer of normal...

7.5CVSS7.5AI score0.00843EPSS
Exploits0References3
OSV
OSV
added 2021/10/26 2:15 p.m.4 views

CVE-2021-41172

ASRedis is an AntSword plugin for Redis. The Redis Manage plugin for AntSword prior to version 0.5 is vulnerable to Self-XSS due to due to insufficient input validation and sanitization via redis server configuration. Self-XSS in the plugin configuration leads to code execution. This issue is...

5.4CVSS5.8AI score0.00989EPSS
Exploits1References3
Rows per page
Query Builder