Lucene search
K

1201 matches found

RedHat Linux
RedHat Linux
added 2026/06/25 2:49 a.m.4 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.7AI score0.00464EPSS
Exploits0References5
NVD
NVD
added 2026/06/15 10:16 p.m.13 views

CVE-2026-48017

DbGate is cross-platform database manager. In versions 7.1.8 and prior, the POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitization or validation. An authenticated user with basic access, ...

8.8CVSS0.0051EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/15 8:54 p.m.8 views

EUVD-2026-37007

DbGate is cross-platform database manager. In versions 7.1.8 and prior, the POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitization or validation. An authenticated user with basic access, ...

8.8CVSS5.9AI score0.0051EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.8 views

CVE-2026-27130

Dokploy is a free, self-hostable Platform as a Service PaaS. Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input sanitization, lack of schema validation and direct shell interpolation. User-controlled application...

9.9CVSS5.5AI score0.00985EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 6:26 p.m.27 views

CVE-2026-46394

CVE-2026-46394 : HAX CMS PHP backend prior to v26.0.0 is vulnerable to OS command injection in the Git.php library. The application builds shell commands from unsanitized input and executes them via proc_open(); only one of 17 command-invoking functions uses escapeshellarg(), increasing risk. An ...

7.7CVSS6.7AI score0.00768EPSS
Exploits1References1
OSV
OSV
added 2026/06/05 4:39 p.m.6 views

GHSA-HV83-GGC4-V385 DbGate: Remote Code Execution via functionName injection in loadReader endpoint

Summary The POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitization or validation. An authenticated user with basic access, no special permissions required can inject arbitrary JavaScript...

8.8CVSS6AI score0.0051EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/05 12:9 a.m.10 views

CVE-2025-67447

The network diagnosis ping module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands,...

9.8CVSS6AI score0.01026EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 6:16 p.m.14 views

CVE-2025-67447

The network diagnosis ping module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands,...

9.8CVSS0.01026EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.20 views

PT-2026-46292

Name of the Vulnerable Software and Affected Versions Neterbit NW-431F Router versions prior to 20241014-IR03 Description The network diagnosis ping module allows OS command injection because the application fails to properly sanitize user input in the IP address field before passing it to the...

9.8CVSS5.8AI score0.01026EPSS
Exploits0References4
CVE
CVE
added 2026/06/04 12:0 a.m.15 views

CVE-2025-67447

The CVE concerns the ping module in Neterbit NW-431F Router (versions up to 20241014-IR03) with OS command injection via unsanitized IP address input fed to the system ping. The input validation flaw allows an attacker to inject arbitrary commands, which would run with the web server’s privileges...

9.8CVSS6AI score0.01026EPSS
Exploits0References2
NVD
NVD
added 2026/05/18 9:16 p.m.12 views

CVE-2026-27130

Dokploy is a free, self-hostable Platform as a Service PaaS. Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input sanitization, lack of schema validation and direct shell interpolation. User-controlled application...

9.9CVSS0.00985EPSS
Exploits0References2
CVE
CVE
added 2026/05/18 8:58 p.m.28 views

CVE-2026-27130

CVE-2026-27130 affects Dokploy (PaaS) versions ≤ 0.26.6. The vulnerability is an OS command injection in the appName parameter, caused by three chained issues: inadequate input sanitization (cleanAppName only lowers case and replaces spaces), lack of schema validation, and direct interpolation of...

9.9CVSS5.8AI score0.00985EPSS
Exploits0References2
NVD
NVD
added 2026/05/15 10:16 p.m.19 views

CVE-2026-45350

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. In the chatcompletion API, t...

7.1CVSS0.0026EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 9:23 p.m.30 views

CVE-2026-45350

Open WebUI (self-hosted AI platform) has a vulnerability in the chat_completion API prior to version 0.8.6 where user-supplied tool_ids/tool_servers are used to build a tools_dict without permission checks. This allows invoking any server tool using the server’s credentials, bypassing tool restri...

7.1CVSS5.8AI score0.0026EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/15 9:23 p.m.69 views

CVE-2026-45350 Open WebUI: Chat completion API allows tool restrictions to be bypassed

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. In the chatcompletion API, t...

7.1CVSS0.0026EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 9:23 p.m.11 views

EUVD-2026-30652

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. In the chatcompletion API, t...

7.1CVSS5.8AI score0.0026EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 9:23 p.m.7 views

CVE-2026-45350

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. In the chatcompletion API, t...

7.1CVSS5.8AI score0.0026EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.15 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.6 contained security vulnerabilities. These vulnerabilities stemmed from the chat completion API, where tool IDs and server parameters were provided by users witho...

7.1CVSS5.8AI score0.0026EPSS
Exploits1References1
OSV
OSV
added 2026/05/14 8:24 p.m.8 views

GHSA-4PCG-253R-RF9W Open WebUI's chat completion API allows tool restrictions to be bypassed

Summary Open WebUI v0.6.43 contains a vulnerability in its chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. Details In the chatcompletion API, the parameters toolids and toolservers are supplied by the user. These...

7.1CVSS5.7AI score0.0026EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/12 5:57 p.m.31 views

CVE-2026-42541 Kubewarden: RBAC Reconnaissance via unchecked can_i host capability call

Kubewarden is a policy engine for Kubernetes. Prior to , An attacker with privileged AdmissionPolicy or AdmissionPolicyGroup create permissions which isn't the default can craft a policy that makes use of the cani host callback. The callback issues a SubjectAccessReview SAR requests to enumerate...

4.3CVSS0.00171EPSS
Exploits0References1
Rows per page
Query Builder