38 matches found

Github Security Blog
added 2026/05/14 8:22 p.m., 5 views

Open WebUI vulnerable to blind server side request forgery (SSRF) via the PDF generate function

Summary: Blind server-side request forgery (SSRF) via the PDF generate function. The finding resulted from a penetration test for a customer. It is suspected that the root cause of the issue lies within the core of Open WebUI, which is why it is being reported as a security issue here. Tested on Ope...

CVSS 5.4, AI score 5.9, EPSS 0.0003
Exploits 1, References 5, Affected software 1

OSV
added 2026/05/14 8:21 p.m., 1 view

GHSA-GM54-M39W-GRJP Open WebUI missing authorization check at the model update function - models from other users can be updated

Summary: A user can modify another user's model even if its visibility is set to Private. The finding resulted from a penetration test for a customer. It is suspected that the root cause of the issue lies within the core of Open WebUI, which is why it is being reported as a security issue here...

CVSS 6.5, AI score 5.8, EPSS 0.0003
Exploits 1, References 3

EUVD
added 2026/05/08 3:11 a.m., 4 views

EUVD-2026-28504

PromptHub is an all-in-one AI toolbox for prompt, skill, and agent management. From version 0.4.9 to before version 0.5.4, apps/web/src/routes/skills.ts exposes an authenticated endpoint POST /api/skills/fetch-remote that fetches a user-supplied URL server-side and reflects the response body up t...

CVSS 7.1, AI score 5.7, EPSS 0.00078
Exploits 1, References 2

Positive Technologies
added 2026/05/08 12:00 a.m., 6 views

PT-2026-38645

Name of the Vulnerable Software and Affected Versions: PromptHub versions 0.4.9 through 0.5.3. Description: An authenticated endpoint "/api/skills/fetch-remote" fetches a user-supplied URL server-side and reflects the response body back to the caller. The Server-Side Request Forgery (SSRF) protection ...

CVSS 7.1, AI score 5.8, EPSS 0.00078
Exploits 1, References 8

RedhatCVE
added 2026/03/26 3:02 p.m., 4 views

CVE-2026-32255

Kan is an open-source project management tool. In versions 0.5.4 and below, the /api/download/attatchment endpoint has no authentication and no URL validation. The Attachment Download endpoint accepts a user-supplied URL query parameter and passes it directly to fetch server-side, and returns the...

CVSS 8.6, AI score 5.8, EPSS 0.00072
Exploits 0, References 1

Cvelist
added 2026/03/18 11:11 p.m., 19 views

CVE-2026-32255 Kan is Vulnerable to Unauthenticated SSRF via Attachment Download Endpoint

Kan is an open-source project management tool. In versions 0.5.4 and below, the /api/download/attatchment endpoint has no authentication and no URL validation. The Attachment Download endpoint accepts a user-supplied URL query parameter and passes it directly to fetch server-side, and returns the...

CVSS 8.6, EPSS 0.00072
Exploits 0, References 3

CVE
added 2026/03/18 11:11 p.m., 16 views

CVE-2026-32255

Kan is vulnerable to unauthenticated SSRF via /api/download/attatchment in versions 0.5.4 and earlier. The endpoint accepts a user-supplied URL query parameter, passes it server-side to fetch(), and returns the full response body without authentication or URL validation. An unauthenticated attack...

CVSS 8.6, AI score 5.8, EPSS 0.00072
Exploits 0, References 3, Affected software 1

Cvelist
added 2026/03/17 5:19 p.m., 20 views

CVE-2026-32294 JetKVM insufficient firmware verification

JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding SHA256 hash to pass verification...

CVSS 7, EPSS 0.00004
Exploits 0, References 4

CNNVD
added 2026/03/17 12:00 a.m., 3 views

JetKVM security vulnerability

JetKVM is an open-source remote computer management tool developed by JetKVM. Versions of JetKVM prior to 0.5.4 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification of the authenticity of downloaded firmware files. This could allow intermediate parties o...

CVSS 7, AI score 6.1, EPSS 0.00004
Exploits 0, References 4

Patchstack
added 2026/02/19 7:16 a.m., 4 views

WordPress Tablesome Table 0.5.4-1.2.1 - Missing Authorization to Authenticated (Subscriber+) Information Exposure and Privilege Escalation vulnerability

Missing Authorization to Authenticated (Subscriber+) Information Exposure and Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin Tablesome versions 0.5.4-1.2.1...

CVSS 8.8, AI score 5.5, EPSS 0.0007
Exploits 0, References 1, Affected software 1

EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2023-44178

Malicious code in bioql PyPI...

CVSS 6.1, AI score 5.6, EPSS 0.18964
Exploits 1, References 2

NVD
added 2025/09/30 4:15 p.m., 2 views

CVE-2025-55797

An improper access control vulnerability in FormCms v0.5.4 in the /api/schemas/history/schemaId endpoint allows unauthenticated attackers to access historical schema data if a valid schemaId is known or guessed...

CVSS 6.5, EPSS 0.00096
Exploits 0, References 3

OSV
added 2025/09/23 8:15 p.m., 1 view

DEBIAN-CVE-2025-59825

astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory when using the Entry::unpack_in_raw API. Additionally, the Entry::allow_external_symlinks control which...

CVSS 8.6, AI score 5.7, EPSS 0.00029
Exploits 0, References 1

OSV
added 2025/09/23 5:45 p.m., 3 views

GHSA-3WGQ-WRWC-VQMV astral-tokio-tar has a path traversal in tar extraction

Impact: In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory when using the Entry::unpack_in_raw API. Additionally, the Entry::allow_external_symlinks control which defaults to true could be bypassed via a pair of symlinks that...

CVSS 8.6, AI score 7.8, EPSS 0.00029
Exploits 0, References 5

Github Security Blog
added 2025/09/23 5:45 p.m., 7 views

astral-tokio-tar has a path traversal in tar extraction

Impact: In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory when using the Entry::unpack_in_raw API. Additionally, the Entry::allow_external_symlinks control which defaults to true could be bypassed via a pair of symlinks that...

CVSS 8.6, AI score 7.8, EPSS 0.00029
Exploits 0, References 5, Affected software 1

CNNVD
added 2025/09/12 12:00 a.m., 2 views

dstack security vulnerability

dstack is a TEE deployment tool from the Dstack TEE open-source project. A security vulnerability exists in versions prior to dstack 0.5.4, which stems from the possibility that a malicious host could provide specially crafted LUKS2 data volumes, leading to the disclosure of Wireguard keys and other secr...

CVSS 8.5, AI score 9.2, EPSS 0.00031
Exploits 0, References 5

Snyk
added 2025/06/16 4:01 p.m., 1 view

Incorrect Privilege Assignment

Overview: Affected versions of this package are vulnerable to Incorrect Privilege Assignment: when a new user logs in via SSH and does not exist in the user database, the session assigns the user to the root group. An attacker can gain elevated privileges by authenticating as a new user through SSH...

CVSS 8.5, AI score 7.2, EPSS 0.00075
Exploits 0, References 2

RedhatCVE
added 2025/05/22 1:31 a.m., 4 views

CVE-2010-4888

SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS 7.5, AI score 8.9, EPSS 0.00366
Exploits 0, References 1

RedhatCVE
added 2025/04/11 5:27 p.m., 5 views

CVE-2025-32503

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jose Conti Link Shield (link-shield) allows Stored XSS. This issue affects Link Shield: from n/a through <= 0.5.4...

CVSS 7.1, AI score 7.2, EPSS 0.00669
Exploits 0, References 1

Vulnrichment
added 2025/04/09 4:09 p.m., 4 views

CVE-2025-32503 WordPress Link Shield plugin <= 0.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jose Conti Link Shield allows Stored XSS. This issue affects Link Shield: from n/a through 0.5.4...

CVSS 7.1, AI score 6.8, EPSS 0.00669
Exploits 0, References 1