Lucene search
K

2991 matches found

Wolfi
Wolfi
added 2026/02/20 7:48 p.m.5 views

CVE-2026-27026 vulnerabilities

Vulnerabilities for packages: open-webui...

6.9CVSS5.4AI score0.00168EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/20 7:48 p.m.4 views

GHSA-2Q4J-M29V-HQ73 vulnerabilities

Vulnerabilities for packages: open-webui...

5.4AI score
Exploits0
Wolfi
Wolfi
added 2026/02/20 7:48 p.m.7 views

CVE-2026-27025 vulnerabilities

Vulnerabilities for packages: open-webui...

6.9CVSS5.4AI score0.00168EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/20 7:48 p.m.5 views

CVE-2026-27024 vulnerabilities

Vulnerabilities for packages: open-webui...

6.9CVSS5.4AI score0.00168EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/20 7:48 p.m.4 views

GHSA-29VQ-49WR-VM6X vulnerabilities

Vulnerabilities for packages: airflow, superset, kubeflow-volumes-web-app, open-webui, emissary, tensorflow-cpu-jupyter, mlflow, kubeflow-pipelines-visualization-server...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/02/20 7:48 p.m.5 views

CVE-2026-27199 vulnerabilities

Vulnerabilities for packages: airflow, superset, kubeflow-volumes-web-app, open-webui, emissary, tensorflow-cpu-jupyter, mlflow, kubeflow-pipelines-visualization-server...

6.3CVSS5.9AI score0.00556EPSS
Exploits1
Wolfi
Wolfi
added 2026/02/20 7:48 p.m.4 views

CVE-2026-27205 vulnerabilities

Vulnerabilities for packages: airflow, kubeflow-volumes-web-app, open-webui, mitmproxy, mlflow, emissary...

4.3CVSS5.9AI score0.00374EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/20 7:48 p.m.3 views

GHSA-68RP-WP8R-4726 vulnerabilities

Vulnerabilities for packages: airflow, kubeflow-volumes-web-app, open-webui, mitmproxy, mlflow, emissary...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/20 7:39 p.m.7 views

CVE-2026-26193

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.44, aanually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts...

7.3CVSS5.5AI score0.00198EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/20 7:39 p.m.5 views

CVE-2026-26192

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.7.0, aanually modifying chat history allows setting the html property within document metadata. This causes the frontend to enter a code path that treats document contents as HTML...

7.3CVSS5.6AI score0.00194EPSS
Exploits1References1
Chainguard
Chainguard
added 2026/02/20 7:17 p.m.6 views

GHSA-WGVP-VG3V-2XQ3 vulnerabilities

Vulnerabilities for packages: open-webui...

5.4AI score
Exploits0
Chainguard
Chainguard
added 2026/02/20 7:17 p.m.5 views

GHSA-9MVC-8737-8J8H vulnerabilities

Vulnerabilities for packages: open-webui...

5.4AI score
Exploits0
Chainguard
Chainguard
added 2026/02/20 7:17 p.m.11 views

CVE-2026-27026 vulnerabilities

Vulnerabilities for packages: open-webui...

6.9CVSS5.4AI score0.00168EPSS
Exploits0
Chainguard
Chainguard
added 2026/02/20 7:17 p.m.12 views

CVE-2026-27024 vulnerabilities

Vulnerabilities for packages: open-webui...

6.9CVSS5.4AI score0.00168EPSS
Exploits0
Chainguard
Chainguard
added 2026/02/20 7:17 p.m.5 views

GHSA-68RP-WP8R-4726 vulnerabilities

Vulnerabilities for packages: open-webui, kubeflow-volumes-web-app, emissary, mlflow, airflow-core, airflow, mitmproxy...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/02/20 7:17 p.m.6 views

GHSA-29VQ-49WR-VM6X vulnerabilities

Vulnerabilities for packages: open-webui, litellm, kubeflow-pipelines-visualization-server, kubeflow-volumes-web-app, tensorflow-gpu-jupyter, azure-functions-python-worker, mlflow, airflow-core, tensorflow-cpu-jupyter, localstack, airflow, emissary, superset...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/02/20 7:17 p.m.7 views

CVE-2026-27199 vulnerabilities

Vulnerabilities for packages: open-webui, litellm, kubeflow-pipelines-visualization-server, kubeflow-volumes-web-app, tensorflow-gpu-jupyter, azure-functions-python-worker, mlflow, airflow-core, tensorflow-cpu-jupyter, localstack, airflow, emissary, superset...

6.3CVSS5.9AI score0.00556EPSS
Exploits1
VulnCheck KEV
VulnCheck KEV
added 2026/02/20 12:0 a.m.12 views

VulnCheck KEV: CVE-2024-6250

An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the openfile endpoint of lollmsadvanced.py. The sanitizepath function with allowabsolutepath=True allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability can...

7.5CVSS5.9AI score0.01957EPSS
In wildExploits1References2
NVD
NVD
added 2026/02/19 8:25 p.m.8 views

CVE-2026-26193

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.44, aanually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts...

7.3CVSS0.00198EPSS
Exploits1References2
NVD
NVD
added 2026/02/19 8:25 p.m.6 views

CVE-2026-26192

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.7.0, aanually modifying chat history allows setting the html property within document metadata. This causes the frontend to enter a code path that treats document contents as HTML...

7.3CVSS0.00194EPSS
Exploits1References2
Rows per page
Query Builder