3994 matches found
GHSA-P4FX-23FQ-JFG6 Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
Summary The tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been explicitly denied tool management capabilities and who the administrator considers untrusted for code...
Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
Summary The tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been explicitly denied tool management capabilities and who the administrator considers untrusted for code...
GHSA-H2CW-7QW9-56XR Open WebUI: Sharing models for others to use (read permission) also exposes model details (system prompt leakage)
Summary When setting model permissions so that a group has read access to it, intending for other users to use it, those users also can read the model's system prompt. However users may consider their system prompt confidential, so we consider this a security issue. Compare...
Open WebUI: Sharing models for others to use (read permission) also exposes model details (system prompt leakage)
Summary When setting model permissions so that a group has read access to it, intending for other users to use it, those users also can read the model's system prompt. However users may consider their system prompt confidential, so we consider this a security issue. Compare...
CVE-2026-22677
Hermes WebUI prior to 0.51.44 contains a path traversal vulnerability in the session import endpoint that allows authenticated attackers to read arbitrary files by importing a crafted session with an unrestricted workspace value. Attackers can supply a blocked filesystem root in the workspace fie...
CVE-2026-45147
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, POST /api/tag/getTag is registered with model.CheckAuth only, omitting both model.CheckAdminRole and model.CheckReadonly, despite the handler performing a configuration write that is normally guarded by both. Any...
CVE-2026-45147
SiYuan before 3.7.0 is vulnerable: POST /api/tag/getTag is registered with model.CheckAuth only, omitting CheckAdminRole and CheckReadonly, allowing any authenticated user to pass a sort parameter that mutates Conf.Tag.Sort and triggers model.Conf.Save(), which rewrites the entire workspace conf....
EUVD-2026-30360
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, POST /api/tag/getTag is registered with model.CheckAuth only, omitting both model.CheckAdminRole and model.CheckReadonly, despite the handler performing a configuration write that is normally guarded by both. Any...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the Object.assign process. An attacker can gain unauthorized access to and control over resources belonging to other...
NPM: FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover
NPM: FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover vulnerability discovered by ? in WordPress Npm flowise versions = 3.1.1...
GHSA-WXRR-JP8M-QQ7F FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Evaluator entity - cross-workspace data takeover and IDOR. File: packages/server/src/Interface.Evaluation.ts Root cause: The Evaluator controller/service constructs a n...
FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Evaluator entity - cross-workspace data takeover and IDOR. File: packages/server/src/Interface.Evaluation.ts Root cause: The Evaluator controller/service constructs a n...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the Object.assign process. An attacker can gain unauthorized access to and control over evaluation data across different...
NPM: FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover
NPM: FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover vulnerability discovered by ? in WordPress Npm flowise versions = 3.1.1...
GHSA-MQ53-PC65-WJC4 FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Evaluation entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/evaluations/index.ts Root cause: The Evaluation controller/service...
FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Evaluation entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/evaluations/index.ts Root cause: The Evaluation controller/service...
NPM: FlowiseAI: DatasetRow create+update mass-assignment allows cross-workspace row takeover
NPM: FlowiseAI: DatasetRow create+update mass-assignment allows cross-workspace row takeover vulnerability discovered by ? in WordPress Npm flowise versions = 3.1.1...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the Object.assign process. An attacker can gain unauthorized access to and control over data across different workspaces by...
GHSA-7J65-65CR-6644 FlowiseAI: DatasetRow create+update mass-assignment allows cross-workspace row takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the DatasetRow entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/dataset/index.ts Root cause: The DatasetRow controller/service constructs...
FlowiseAI: DatasetRow create+update mass-assignment allows cross-workspace row takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the DatasetRow entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/dataset/index.ts Root cause: The DatasetRow controller/service constructs...