Lucene search
K

10 matches found

Vulnrichment
Vulnrichment
added 2026/05/15 8:33 p.m.12 views

CVE-2026-45396 Open WebUI: Mass Assignment via FeedbackForm extra=allow Allows Feedback User ID Spoofing and Evaluation Data Manipulation

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the POST /api/v1/evaluations/feedback endpoint in Open WebUI v0.9.2 is vulnerable to mass assignment via FeedbackForm, which uses modelconfig = ConfigDictextra='allow'. Due to an...

5.4CVSS5.9AI score0.00307EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 8:33 p.m.20 views

CVE-2026-45396

Summary of technical details (CVE-2026-45396) Open WebUI v0.9.2 is vulnerable to mass assignment in the endpoint POST /api/v1/evaluations/feedback through a FeedbackForm that uses extra='allow'. The root cause is an insecure dictionary merge order in insert_new_feedback(), where the form data can...

5.4CVSS5.9AI score0.00307EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/14 8:26 p.m.11 views

GHSA-RJMP-VJF2-QF4G Open WebUI: Mass Assignment via FeedbackForm extra=allow Allows Feedback User ID Spoofing and Evaluation Data Manipulation

Mass Assignment in Feedback Creation Allows User ID Spoofing and Evaluation Data Manipulation Summary The POST /api/v1/evaluations/feedback endpoint in Open WebUI v0.9.2 is vulnerable to mass assignment via FeedbackForm, which uses modelconfig = ConfigDictextra='allow'. Due to an insecure...

5.4CVSS5.9AI score0.00307EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/14 8:26 p.m.17 views

Open WebUI: Mass Assignment via FeedbackForm extra=allow Allows Feedback User ID Spoofing and Evaluation Data Manipulation

Mass Assignment in Feedback Creation Allows User ID Spoofing and Evaluation Data Manipulation Summary The POST /api/v1/evaluations/feedback endpoint in Open WebUI v0.9.2 is vulnerable to mass assignment via FeedbackForm, which uses modelconfig = ConfigDictextra='allow'. Due to an insecure...

5.4CVSS5.9AI score0.00307EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41191

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description An authenticated attacker can perform a mass assignment attack via the 'POST /api/v1/evaluations/feedback' endpoint. This is possible because the FeedbackForm uses a configuration that allows extr...

5.4CVSS5.9AI score0.00307EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2025/10/09 3:40 p.m.8 views

Better Auth: Unauthenticated API key creation through api-key plugin

Summary A critical authentication bypass was identified in the API key creation and update endpoints. An attacker could create or modify API keys for arbitrary users by supplying a victim’s user ID in the request body. Due to a flaw in how the authenticated user was derived, the endpoints could...

9.3CVSS9.1AI score0.18012EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2024/10/15 7:31 a.m.6 views

Incorrect User Management

github.com/ubuntu/authd is vulnerable to Incorrect User Management. The vulnerability is due to insufficient randomization of user IDs, allowing a local attacker to register usernames and spoof another user's ID, gaining their privileges. This issue affects Authd through version 0.3.6...

7.5CVSS6.3AI score0.0028EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/10 12:0 a.m.10 views

PT-2024-39562 · Authd +1 · Authd +1

Name of the Vulnerable Software and Affected Versions: Authd versions 0.3.6 and earlier Description: A local attacker who can register user names could spoof another user's ID and gain their privileges due to insufficient randomization of user IDs. The issue arises from the GenerateID method, whi...

10CVSS6.4AI score0.97781EPSS
Exploits23References213
myhack58
myhack58
added 2012/05/29 12:0 a.m.18 views

Network fun website management system V2. 1 The official version of 0day-vulnerability warning-the black bar safety net

Author: Samy source: bug 1. asp : % Response. Cookies"KuUSER""UserName"="" userid=request. querystring"userid" % % set rsmsg=server. createobject"adodb. recordset" sqlmsg="select from Comuser where comid="&userid&"" rem get the data without the filter rsmsg. open sqlmsg,conn,1,3 if rsmsg. eof and...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/06/12 12:0 a.m.43 views

WinPT User ID Spoofing Vulnerability

WinPT User ID Spoofing Vulnerability Impact: Impersonation Where: Remote Status: Unpatched Product: Windows Privacy Tray WinPT http://wald.intevation.org/projects/winpt Visual representation of keys in WinPT 1.2.0 is susceptible to a user ID spoofing attack using keys with large amount of data in...

6.6AI score
Exploits0
Rows per page
Query Builder