PT-2026-41274

Name of the Vulnerable Software and Affected Versions Frontend Admin by DynamiApps versions prior to 3.28.37 Description Insufficient authorization checks in the role field update mechanism and overly permissive capabilities for the admin form post type allow for privilege escalation. The admin...

WordPress plugin Frontend Admin by DynamiApps 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities were caused by TOCTOU race conditions in the LDAP and OAuth authentication processes, which could allow...

PT-2026-41265

Cross-site scripting vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a file containing malicious contents is uploaded, an arbitrary script may be executed on a user's web browser when viewing the administration page showing the informati...

PT-2026-41268

Name of the Vulnerable Software and Affected Versions FOX – Currency Switcher Professional for WooCommerce versions prior to 1.4.6 Description The plugin is susceptible to unauthorized data loss because the admin head function lacks a proper capability check. Authenticated users with...

CVE-2026-42847

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 122, there is a critical SQL Injection SQLi vulnerability in ClipBucket, exploitable through the type parameter on the authenticated admin endpoint adminarea/actionlogs.php. The endpoint adminarea/actionlogs.php reads...

CVE-2026-42847

CVE-2026-42847 affects ClipBucket v5 prior to 5.5.3 - #122. The vulnerability is a SQL injection in the authenticated admin endpoint admin_area/action_logs.php, where the GET parameter $_GET['type'] is read, stored, and concatenated into a SQL WHERE condition on action_type in fetch_action_logs()...

CVE-2026-42847

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 122, there is a critical SQL Injection SQLi vulnerability in ClipBucket, exploitable through the type parameter on the authenticated admin endpoint adminarea/actionlogs.php. The endpoint adminarea/actionlogs.php reads...

CVE-2026-42847 ClipBucket: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 122, there is a critical SQL Injection SQLi vulnerability in ClipBucket, exploitable through the type parameter on the authenticated admin endpoint adminarea/actionlogs.php. The endpoint adminarea/actionlogs.php reads...

CVE-2026-42847 ClipBucket: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 122, there is a critical SQL Injection SQLi vulnerability in ClipBucket, exploitable through the type parameter on the authenticated admin endpoint adminarea/actionlogs.php. The endpoint adminarea/actionlogs.php reads...

EUVD-2026-30476

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 122, there is a critical SQL Injection SQLi vulnerability in ClipBucket, exploitable through the type parameter on the authenticated admin endpoint adminarea/actionlogs.php. The endpoint adminarea/actionlogs.php reads...

Race Condition

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Race Condition through a race condition in the LDAP and OAuth authentication processes. An attacker can obtain administrative privileges by sending multiple concurrent authentication requests during the initi...

GHSA-H3WW-Q6XX-W7X3 Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

Summary The LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, line 663 was explicitly patched to prevent this race with the comment "Insert with default role first to avoid...

Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts

Summary The LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, line 663 was explicitly patched to prevent this race with the comment "Insert with default role first to avoid...

Cross-site Scripting (XSS)

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper sanitization order in the Banner component. An attacker can execute arbitrary JavaScript in the context of privileged users by injecting malicious payloads into the banne...

Open WebUI has Stored XSS in Banner Component via Improper Sanitization Order

Summary A Stored Cross-Site Scripting XSS vulnerability exists in the Banner component due to an improper sanitization order specifically, DOMPurify is executed before the marked library. This vulnerability allows a compromised or malicious administrator to plant a malicious payload in the global...

GHSA-CQP4-QQVG-3787 Open WebUI has Stored XSS in Banner Component via Improper Sanitization Order

Summary A Stored Cross-Site Scripting XSS vulnerability exists in the Banner component due to an improper sanitization order specifically, DOMPurify is executed before the marked library. This vulnerability allows a compromised or malicious administrator to plant a malicious payload in the global...

Insertion of Sensitive Information Into Sent Data

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data through the getmodelbyid handler in routers/models.py. An attacker can read the admin-curated system prompt and other model behavior settings by sending a GET...

Information Exposure

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Information Exposure via the api/models endpoint. An attacker can access sensitive system prompt information by sending authenticated requests as a non-admin user. Remediation Upgrade open-webui to version...

Open WebUI Exposes System Prompt to Regular User [Non-Admin]

Summary A regular user non-admin can view the system prompt of the model which is set by an admin. Details When a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of available...