2 matches found
CVE-2026-15737
CVE-2026-15737 affects the AWS Bedrock AgentCore Python SDK. Unintended logging of sensitive user content occurs in the OpenTelemetry instrumentation for SDK versions 1.4.8 and 1.5.0, where raw user prompts and complete agent responses were written into OpenTelemetry span attributes on every invo...
Information Exposure
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Information Exposure via the api/models endpoint. An attacker can access sensitive system prompt information by sending authenticated requests as a non-admin user. Remediation Upgrade open-webui to version...