Redos
added 2026/04/07 12:00 a.m., 2 views

ROS-20260407-73-0041

A vulnerability in the TLS traffic proxying mechanism of the NGINX Plus and NGINX OSS web servers stems from loading untrusted external data together with trusted data. Exploitation could allow a remote attacker to inject data in plain text form...

CVSS 8.2, AI score 6.1, EPSS 0.00331
Exploits: 0
Positive Technologies
added 2026/04/07 12:00 a.m., 3 views

PT-2026-30823

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 149.0.2; Firefox ESR versions prior to 140.9.1; Thunderbird versions prior to 149.0.2; Thunderbird versions prior to 140.9.1. Description: The software contains incorrect boundary conditions and an integer overflow within...

CVSS 10, AI score 5.8, EPSS 0.01052
Exploits: 1, References: 56
Tenable Nessus
added 2026/04/07 12:00 a.m., 8 views

Mozilla Thunderbird < 149.0.2

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 149.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-28 advisory. - Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed...

CVSS 9.8, AI score 6.1, EPSS 0.00337
Exploits: 0, References: 6
CVE
added 2026/04/06 5:30 p.m., 7 views

CVE-2026-35050

CVE-2026-35050 affects text-generation-webui prior to 4.1.1. An attacker can abuse the ability to save extension settings in the app root (py format) to overwrite Python files such as download-model.py. The overwritten file can be triggered via the Model menu when requesting to download a new mod...

CVSS 9.1, AI score 5.9, EPSS 0.00438
Exploits: 1, References: 1, Affected Software: 1
EUVD
added 2026/04/06 5:30 p.m., 4 views

EUVD-2026-19408

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extension settings in "py" format and in the app root directory. This allows Python files to be overwritten; for instance, the "download-model.py" file could be overwritten. Then, thi...

CVSS 9.1, AI score 5.9, EPSS 0.00438
Exploits: 1, References: 1
ATTACKERKB
added 2026/04/06 5:30 p.m., 1 view

CVE-2026-35050

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extension settings in "py" format and in the app root directory. This allows Python files to be overwritten; for instance, the "download-model.py" file could be overwritten. Then, thi...

CVSS 9.1, AI score 5.9, EPSS 0.00438
Exploits: 1, References: 2, Affected Software: 1
Vulnrichment
added 2026/04/06 5:30 p.m., 0 views

CVE-2026-35050 text-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extension settings to user_data/settings.yaml"

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extension settings in "py" format and in the app root directory. This allows Python files to be overwritten; for instance, the "download-model.py" file could be overwritten. Then, thi...

CVSS 9.1, AI score 5.9, EPSS 0.00438
Exploits: 1, References: 1
RedhatCVE
added 2026/04/06 5:00 p.m., 0 views

CVE-2026-28797

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions 0.24.0 and prior, a Server-Side Template Injection (SSTI) vulnerability exists in RAGFlow's Agent workflow Text Processing (StringTransform) and Message components. These components use Python's jinja2.Template unsandbox...

CVSS 8.8, AI score 6.2, EPSS 0.00386
Exploits: 1, References: 1
EUVD
added 2026/04/06 4:19 p.m., 4 views

EUVD-2026-19362

The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1 to 0.5.0, FileService.download_from_url in app/services/file_service.py calls requests.get(url) with zero URL validation. The file extension check occurs AFTER the HTTP request is already made, and can be bypassed by...

CVSS 5.8, AI score 5.9, EPSS 0.00252
Exploits: 1, References: 3
Positive Technologies
added 2026/04/06 12:00 a.m., 2 views

PT-2026-30703

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Description: A Stack-based Buffer Overflow...

CVSS 10, AI score 5.9, EPSS 0.0052
Exploits: 1, References: 5
CNNVD
added 2026/04/06 12:00 a.m., 4 views

Text Generation Web UI Path Traversal Vulnerability

Text Generation Web UI is a local AI UI developed by the individual developer oobabooga. Versions of Text Generation Web UI prior to 4.1.1 contain a path traversal vulnerability. The vulnerability stems from allowing extension settings to be saved in the py format, which can overwrite...

CVSS 9.1, AI score 6, EPSS 0.00438
Exploits: 1, References: 2
Positive Technologies
added 2026/04/06 12:00 a.m., 3 views

PT-2026-30677

The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1 to 0.5.0, FileService.download_from_url in app/services/file_service.py calls requests.get(url) with zero URL validation. The file extension check occurs AFTER the HTTP request is already made, and can be bypassed by...

CVSS 5.8, AI score 5.9, EPSS 0.00252
Exploits: 1, References: 4
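The whisperX API entries (EUVD-2026-19362 and PT-2026-30677) describe a download helper that issues the HTTP request first and checks the file extension afterwards. The example below is added here and is not whisperX code; the function names, the allowed scheme and extension sets, and the DNS table are assumptions constructed for the example. It shows the order a practitioner wants: every property of the URL that can be checked without touching the network (scheme, embedded credentials, extension) is checked first, then the hostname is resolved exactly once and refused if it is not a globally routable address, and only after that would any request be sent.

```python
import ipaddress
import os
import socket
from typing import Callable, Tuple
from urllib.parse import urlsplit

# Assumptions for the example, not whisperX's real policy.
ALLOWED_SCHEMES = {"https"}
ALLOWED_AUDIO_EXTENSIONS = {".wav", ".mp3", ".flac", ".m4a", ".ogg"}


class UnsafeDownloadURL(ValueError):
    """The URL failed validation; no request was made."""


def is_public_address(ip: str) -> bool:
    """True only for globally routable unicast addresses (v4 or v6).

    is_global already excludes loopback, RFC 1918, link-local (so the
    169.254.169.254 metadata endpoint), CGNAT and unspecified ranges.
    """
    addr = ipaddress.ip_address(ip)
    return addr.is_global and not addr.is_multicast


def validate_download_url(
    url: str, resolve: Callable[[str], str] = socket.gethostbyname
) -> Tuple[str, str, str]:
    """Validate everything that can be validated before a socket is opened.

    Returns (hostname, resolved_ip, extension). The caller should connect to
    resolved_ip rather than resolving again, send Host: hostname, and refuse
    redirects; otherwise DNS rebinding or a 302 can undo these checks.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise UnsafeDownloadURL(f"scheme {parts.scheme!r} not allowed")
    if not parts.hostname:
        raise UnsafeDownloadURL("missing host")
    if parts.username or parts.password:
        raise UnsafeDownloadURL("credentials in URL not allowed")

    # Extension check BEFORE any network I/O, on the path component only
    # (query string and fragment cannot influence it).
    ext = os.path.splitext(parts.path)[1].lower()
    if ext not in ALLOWED_AUDIO_EXTENSIONS:
        raise UnsafeDownloadURL(f"extension {ext!r} not allowed")

    try:
        ip = resolve(parts.hostname)
    except OSError as exc:  # socket.gaierror is a subclass of OSError
        raise UnsafeDownloadURL(f"cannot resolve {parts.hostname}") from exc
    if not is_public_address(ip):
        raise UnsafeDownloadURL(f"{parts.hostname} resolves to non-public {ip}")
    return parts.hostname, ip, ext


# Constructed DNS table so the example runs offline. Not real records.
FAKE_DNS = {
    "files.example.com": "93.184.216.34",
    "localhost": "127.0.0.1",
    "metadata.internal": "169.254.169.254",
    "db.corp.example": "10.0.0.5",
}


def fake_resolve(host: str) -> str:
    """Stand-in for socket.gethostbyname: table lookup, IP literals map to
    themselves, anything else fails the way an NXDOMAIN would."""
    if host in FAKE_DNS:
        return FAKE_DNS[host]
    try:
        ipaddress.ip_address(host)
    except ValueError:
        raise socket.gaierror(f"constructed resolver: unknown host {host}")
    return host


def is_unsafe_url(url: str, resolve: Callable[[str], str] = fake_resolve) -> bool:
    """True if validate_download_url refuses the URL."""
    try:
        validate_download_url(url, resolve)
    except UnsafeDownloadURL:
        return True
    return False


if __name__ == "__main__":
    for u in ("https://files.example.com/call.wav",
              "http://files.example.com/call.wav",
              "https://files.example.com/report.pdf",
              "https://metadata.internal/latest/meta.wav",
              "https://127.0.0.1/call.wav"):
        print(f"{'REJECT' if is_unsafe_url(u) else 'accept':6}  {u}")
```

The resolved address is returned so the caller can connect to it directly and carry the original hostname in the Host header; a second lookup at request time reopens the rebinding window. Redirects should be disabled (for requests, allow_redirects=False) or each hop re-validated, and the extension check only constrains the name the client asked for: the downloaded bytes still need a content check before they reach an audio decoder.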
Positive Technologies
added 2026/04/06 12:00 a.m., 2 views

PT-2026-30687

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extension settings in "py" format and in the app root directory. This allows Python files to be overwritten; for instance, the "download-model.py" file could be overwritten. Then, thi...

CVSS 9.1, AI score 5.9, EPSS 0.00438
Exploits: 1, References: 2
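The text-generation-webui entries on this page (CVE-2026-35050, EUVD-2026-19408, PT-2026-30687 and the CNNVD entry) all describe one flaw: a settings-save feature lets the caller choose both the file extension ("py") and a location in the application root, so a settings write becomes an overwrite of an importable script. The example below is added here and is not code from text-generation-webui; the directory layout, the allowed-extension set and the function names are assumptions. It sets the unsafe shape next to a save routine that enforces a single-component filename, an allowlisted data-only extension, and containment under a dedicated settings directory.

```python
import os
from pathlib import Path, PurePosixPath

# Hypothetical layout (an assumption for this example, not the project's real
# paths): importable scripts such as download-model.py live in the app root,
# and user settings are only ever meant to land under user_data/.
APP_ROOT = Path("/srv/textgen")
SETTINGS_DIR = APP_ROOT / "user_data"

# Data-only formats a settings file may take. Anything importable or
# executable (.py, .sh, .so, ...) is deliberately absent from this set.
ALLOWED_EXTENSIONS = {".yaml", ".yml", ".json"}


class UnsafeSettingsPath(ValueError):
    """The requested settings filename cannot be written safely."""


def unsafe_settings_path(filename: str) -> Path:
    """The flawed shape: a caller-chosen name (and extension) joined straight
    onto the application root, so "download-model.py" targets the real script."""
    return APP_ROOT / filename


def safe_settings_path(filename: str, settings_dir: Path = SETTINGS_DIR) -> Path:
    """Return the single location a settings file with this name may occupy.

    Order of checks: empty/dot names; any path separator or NUL (this rules
    out traversal and absolute paths in one go); a non-allowlisted extension;
    and finally a containment check on the resolved path, which still holds
    if a later change relaxes one of the earlier checks.
    """
    if not filename or filename in (".", ".."):
        raise UnsafeSettingsPath(f"bad filename {filename!r}")
    if any(sep in filename for sep in ("/", "\\", "\x00")):
        raise UnsafeSettingsPath(f"path separators not allowed in {filename!r}")

    ext = PurePosixPath(filename).suffix.lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise UnsafeSettingsPath(f"extension {ext!r} is not a data format")

    settings_root = settings_dir.resolve()
    target = (settings_root / filename).resolve()
    if target.parent != settings_root:
        raise UnsafeSettingsPath(f"{target} is not directly under {settings_root}")
    return target


def save_settings(filename: str, payload: str, settings_dir: Path = SETTINGS_DIR) -> Path:
    """Write settings text only to a path that passed safe_settings_path."""
    target = safe_settings_path(filename, settings_dir)
    target.parent.mkdir(parents=True, exist_ok=True)
    # O_NOFOLLOW (POSIX): refuse to write through a symlink planted at the target.
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW, 0o600)
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        fh.write(payload)
    return target


def is_rejected_name(filename: str) -> bool:
    """True if safe_settings_path refuses the name."""
    try:
        safe_settings_path(filename)
    except UnsafeSettingsPath:
        return True
    return False


if __name__ == "__main__":
    import tempfile

    for name in ("settings.yaml", "download-model.py", "../download-model.py"):
        outcome = "rejected" if is_rejected_name(name) else safe_settings_path(name)
        print(f"{name:>22}  unsafe -> {unsafe_settings_path(name)}  safe -> {outcome}")
    with tempfile.TemporaryDirectory() as tmp:
        print("wrote", save_settings("settings.yaml", "max_new_tokens: 512\n", Path(tmp)))
```

The extension allowlist is what turns "write a settings file" back into a data operation; the separator and containment checks are what keep the write inside user_data/ even if the allowlist is later widened. Checking only for ".." is not enough on its own, since an absolute path or a backslash on Windows bypasses it.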
ATTACKERKB
added 2026/04/05 8:45 p.m., 2 views

CVE-2019-25660

LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service...

CVSS 6.9, AI score 6.2, EPSS 0.00228
Exploits: 1, References: 3, Affected Software: 1
Snyk
added 2026/04/05 7:08 p.m., 2 views

SQL Injection

Overview: openchatbi (OpenChatBI) is natural-language business intelligence powered by LLMs for intuitive data analysis and SQL generation. Affected versions of this package are vulnerable to SQL Injection via the Multi-stage Text2SQL Workflow component when processing the keywords argument. An...

CVSS 6.5, AI score 6.8, EPSS 0.00256
Exploits: 0, References: 2
EUVD
added 2026/04/05 6:30 p.m., 2 views

EUVD-2026-19117

A vulnerability was determined in zhongyu09 openchatbi up to 0.2.1. The impacted element is an unknown function of the component Multi-stage Text2SQL Workflow. Manipulation of the argument keywords can lead to SQL injection. The attack may be launched remotely. The exploit has been...

CVSS 6.5, AI score 5.7, EPSS 0.00256
Exploits: 0, References: 5
NVD
added 2026/04/05 6:16 p.m., 4 views

CVE-2026-5586

A vulnerability was determined in zhongyu09 openchatbi up to 0.2.1. The impacted element is an unknown function of the component Multi-stage Text2SQL Workflow. Manipulation of the argument keywords can lead to SQL injection. The attack may be launched remotely. The exploit has been...

CVSS 6.5, EPSS 0.00256
Exploits: 0, References: 6
CVE
added 2026/04/05 6:00 p.m., 6 views

CVE-2026-5586

CVE-2026-5586 affects zhongyu09 openchatbi up to version 0.2.1, specifically a vulnerability in an unknown function within the Multi-stage Text2SQL Workflow. Manipulating the argument keywords may lead to SQL injection. The attack can be launched remotely, and the exploit has been publicly disclo...

CVSS 6.5, AI score 6.4, EPSS 0.00256
Exploits: 0, References: 6
ATTACKERKB
added 2026/04/05 6:00 p.m., 2 views

CVE-2026-5586

A vulnerability was determined in zhongyu09 openchatbi up to 0.2.1. The impacted element is an unknown function of the component Multi-stage Text2SQL Workflow. Manipulation of the argument keywords can lead to SQL injection. The attack may be launched remotely. The exploit has been...

CVSS 6.5, AI score 6.4, EPSS 0.00256
Exploits: 0, References: 6, Affected Software: 1
Vulnrichment
added 2026/04/05 6:00 p.m., 0 views

CVE-2026-5586 zhongyu09 openchatbi Multi-stage Text2SQL Workflow SQL injection

A vulnerability was determined in zhongyu09 openchatbi up to 0.2.1. The impacted element is an unknown function of the component Multi-stage Text2SQL Workflow. Manipulation of the argument keywords can lead to SQL injection. The attack may be launched remotely. The exploit has been...

CVSS 6.5, AI score 6.4, EPSS 0.00256
Exploits: 0, References: 6
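The openchatbi entries above (CVE-2026-5586, EUVD-2026-19117 and the Snyk writeup) all say the same thing: a keywords argument reaching the Multi-stage Text2SQL Workflow ends up spliced into SQL. The example below is added here and is not openchatbi code; the schema, the table names, the payload and the search functions are constructed for illustration. It sets the injectable keyword search next to a parameterized one, using sqlite3 from the standard library, and includes the LIKE-wildcard escaping that parameter binding alone does not give you.

```python
import sqlite3
from typing import List, Sequence, Tuple


def demo_db() -> sqlite3.Connection:
    """Constructed in-memory schema standing in for a BI data source."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, price REAL)")
    conn.executemany(
        "INSERT INTO products (name, price) VALUES (?, ?)",
        [("solar panel", 199.0), ("battery pack", 89.5), ("inverter", 349.0)],
    )
    # A table the keyword search is never supposed to touch.
    conn.execute("CREATE TABLE api_keys (owner TEXT, secret TEXT)")
    conn.execute("INSERT INTO api_keys VALUES ('admin', 'constructed-secret')")
    conn.commit()
    return conn


def vulnerable_keyword_search(conn: sqlite3.Connection, keywords: Sequence[str]) -> List[Tuple]:
    """The injectable pattern: each keyword is spliced into the SQL text, so a
    quote in a keyword ends the LIKE pattern and the rest becomes SQL."""
    clause = " OR ".join(f"name LIKE '%{k}%'" for k in keywords)
    sql = f"SELECT name, price FROM products WHERE {clause}"
    return conn.execute(sql).fetchall()


def escape_like(value: str) -> str:
    """Escape LIKE metacharacters so a keyword matches literally.
    Binding stops injection; this stops '%' from matching every row."""
    return value.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")


def safe_keyword_search(conn: sqlite3.Connection, keywords: Sequence[str]) -> List[Tuple]:
    """Same query shape, but every keyword travels as a bound parameter and
    the SQL text is built only from fixed strings and placeholders."""
    if not keywords:
        return []
    clause = " OR ".join("name LIKE ? ESCAPE '\\'" for _ in keywords)
    sql = f"SELECT name, price FROM products WHERE {clause}"
    params = [f"%{escape_like(k)}%" for k in keywords]
    return conn.execute(sql, params).fetchall()


# Constructed payload: closes the quoted LIKE pattern, appends a UNION that
# reads a different table with the same column count, and comments out the
# trailing %' that the template would otherwise leave dangling.
INJECTION = "' UNION SELECT owner, secret FROM api_keys --"


if __name__ == "__main__":
    conn = demo_db()
    print("vulnerable:", vulnerable_keyword_search(conn, [INJECTION]))
    print("safe:      ", safe_keyword_search(conn, [INJECTION]))
    print("safe, '%': ", safe_keyword_search(conn, ["%"]))
```

Binding keeps the payload inside the bound string, so the input that pulls api_keys rows through the vulnerable version matches nothing through the safe one. Escaping % and _ matters separately: an unescaped keyword of "%" is not injection, but it turns a search into a full-table dump. Where the SQL text itself is produced by a model, binding does not apply to the generated statement; the compensating controls are a read-only, least-privilege database role and an allowlist of the tables the workflow may reference.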