EUVD-2026-20625

A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c. The affected element is an unknown function of the file server.js of the component API Proxy Endpoint. Performing a manipulation of the argument Query results in server-side request...

CVE-2026-5803

The CVE-2026-5803 entry concerns bigsk1/openai-realtime-ui (up to commit 188ccde27fdf3d8fab8da81f3893468f53b2797c) with a vulnerability in the API Proxy Endpoint’s server.js that enables server-side request forgery through a manipulated Query argument. It is described as remotely exploitable, and...

CVE-2026-5803 bigsk1 openai-realtime-ui API Proxy Endpoint server.js server-side request forgery

A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c. The affected element is an unknown function of the file server.js of the component API Proxy Endpoint. Performing a manipulation of the argument Query results in server-side request...

LoLLMs WEBUI 安全漏洞

LoLLMs WEBUI is a large-scale model web user interface developed by Saifeddine ALOUI, which supports integration of multiple models and modalities. LoLLMs WEBUI has a security vulnerability. This vulnerability stems from the/api/proxy endpoint, which allows unverified users to force the server to...