19 matches found
CVE-2026-45315 Open WebUI: Stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptions
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio transcription upload endpoint takes the file extension from the user-supplied filename and saves the file under CACHEDIR/audio/transcriptions/.. The /cache/path route serve...
CVE-2026-45315
Open WebUI (self-hosted offline AI platform) is affected by CVE-2026-45315. Before version 0.9.3, the audio transcription upload endpoint accepts a user-supplied filename extension and saves the file under CACHE_DIR/audio/transcriptions, then serves /cache/{path} via FileResponse using the on-dis...
Open WebUI vulnerable to Path Traversal in `POST /api/v1/audio/transcriptions`
Summary An unsanitised filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message — including the server's absolute DATADIR path — is returned verbatim in the HTTP 400 response body, confirming information...
CVE-2026-33764
CVE-2026-33764 affects WWBN/AVideo up to version 26.0 where the AI plugin’s save.json.php loads AI responses by attacker-controlled IDs (ai_metatags_responses_id and ai_transcribe_responses_id) without validating ownership of the target video. An authenticated user with canUseAI can reference AI ...
CVE-2026-33764 AVideo: IDOR in AI Plugin Allows Stealing Other Users' AI-Generated Metadata and Transcriptions
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the AI plugin's save.json.php endpoint loads AI response objects using an attacker-controlled $REQUEST'id' parameter without validating that the AI response belongs to the specified video. An authenticated user wi...
CVE-2026-33764 AVideo: IDOR in AI Plugin Allows Stealing Other Users' AI-Generated Metadata and Transcriptions
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the AI plugin's save.json.php endpoint loads AI response objects using an attacker-controlled $REQUEST'id' parameter without validating that the AI response belongs to the specified video. An authenticated user wi...
Authorization Bypass Through User-Controlled Key
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the save.json.php process. An attacker can access and exfiltrate confidential AI-generated metadata and...
GHSA-G39V-QRJ6-JXRH AVideo: IDOR in AI Plugin Allows Stealing Other Users' AI-Generated Metadata and Transcriptions
Summary The AI plugin's save.json.php endpoint loads AI response objects using an attacker-controlled $REQUEST'id' parameter without validating that the AI response belongs to the specified video. An authenticated user with AI permissions can reference any AI response ID — including those generat...
AVideo: IDOR in AI Plugin Allows Stealing Other Users' AI-Generated Metadata and Transcriptions
Summary The AI plugin's save.json.php endpoint loads AI response objects using an attacker-controlled $REQUEST'id' parameter without validating that the AI response belongs to the specified video. An authenticated user with AI permissions can reference any AI response ID — including those generat...
Open WebUI 代码问题漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A code issue vulnerability exists in Open WebUI version 0.3.0, which stems from the audio API endpoint /audio/api/v1/transcriptions allowing arbitrary file uploads, which could lead to path...
Arbitrary File Deletion
litellm is vulnerable to Arbitrary File Deletion. The vulnerability is due to improper input validation on the /audio/transcriptions endpoint, allowing attackers to send crafted requests that delete specified files without proper authorization or validation...
GHSA-3XR8-QFVJ-9P9J Arbitrary file deletion in litellm
BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the /audio/transcriptions endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes...
Arbitrary file deletion in litellm
BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the /audio/transcriptions endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes...
CVE-2024-4888
BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the /audio/transcriptions endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes...
CVE-2024-4888
BerriAI’s litellm (latest version) is affected by CVE-2024-4888 due to improper input validation on the /audio/transcriptions endpoint. The code uses os.remove(file.filename) to delete a file, allowing an attacker to delete arbitrary server files (e.g., SSH keys, SQLite databases, configuration f...
CVE-2024-4888 Arbitrary File Deletion in BerriAI/litellm
BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the /audio/transcriptions endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes...
CVE-2024-4888 Arbitrary File Deletion in BerriAI/litellm
BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the /audio/transcriptions endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes...
LiteLLM Input Validation Error Vulnerability
LiteLLM is an open source application from Berri AI. All LLM APIs can be called using the OpenAI format. LiteLLM suffers from an input validation error vulnerability that stems from an improper input validation issue with the /audio/transcriptions API, resulting in vulnerability to arbitrary file...
PT-2024-33255 · Berriai · Litellm
Name of the Vulnerable Software and Affected Versions: BerriAI's litellm version latest Description: The issue arises from improper input validation on the "/audio/transcriptions" endpoint, allowing an attacker to send a specially crafted request that includes a file path to the server. This...