CVE-2026-54014 Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} in open-webui/open-webui

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache...

CVE-2026-54014

Open WebUI (open-webui/open-webui) before version 0.9.6 is affected by a sibling-prefix path traversal in the cache file endpoint. The vulnerability stems from serve_cache_file() validating the absolute path with file_path.startswith(os.path.abspath(CACHE_DIR)) without appending a trailing path s...

PT-2026-50486

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description A path traversal issue exists in the cache file serving endpoint '/cache/path:path' that allows authenticated users with the role of user or admin to read files from sibling directories outside th...

Malicious Package

Overview material-ui-plugin-cache-endpoint is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

MAL-2026-2926 Malicious code in material-ui-plugin-cache-endpoint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45efd49ad74d002b46224881218cf53c763e58c0b71ed3d3ff3a79d1021f3a64 The package material-ui-plugin-cache-endpoint was found to contain malicious code. Source: ghsa-malware...

Malicious code in material-ui-plugin-cache-endpoint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45efd49ad74d002b46224881218cf53c763e58c0b71ed3d3ff3a79d1021f3a64 The package material-ui-plugin-cache-endpoint was found to contain malicious code. Source: ghsa-malware...

CVE-2025-64178

Jellysweep is a cleanup tool for the Jellyfin media server. In versions 0.12.1 and below, /api/images/cache, used to download media posters from the server, accepted a URL parameter that was directly passed to the cache package, which downloaded the poster from this URL. This URL parameter can be...

CVE-2025-64178

Jellysweep (the Jellyfin cleanup tool) has an input validation flaw in the /api/images/cache endpoint: an unvalidated url parameter is passed directly to the cache library, allowing the server to fetch arbitrary content. Affected versions are 0.12.1 and earlier; authenticated users only can trigg...

CVE-2025-64178 Jellysweep uses uncontrolled data in image cache API endpoint

Jellysweep is a cleanup tool for the Jellyfin media server. In versions 0.12.1 and below, /api/images/cache, used to download media posters from the server, accepted a URL parameter that was directly passed to the cache package, which downloaded the poster from this URL. This URL parameter can be...

Jellysweep 代码问题漏洞

Jellysweep is a smart cleanup tool for media servers by Jonah Personal Developer. A code issue vulnerability exists in Jellysweep 0.12.1 and prior versions, which stems from an unvalidated URL parameter in the /api/images/cache endpoint that could result in the download of arbitrary content...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the url parameter in the /api/images/cache endpoint. An attacker can cause the server to download arbitrary content by supplying a crafted URL. This is only exploitable if the attacker is an...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the url parameter in the /api/images/cache endpoint. An attacker can cause the server to download arbitrary content by supplying a crafted URL. This is only exploitable if the attacker is an...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the url parameter in the /api/images/cache endpoint. An attacker can cause the server to download arbitrary content by supplying a crafted URL. This is only exploitable if the attacker is an...

Jellysweep uses uncontrolled data in image cache API endpoint

Impact The /api/images/cache which is used to download media posters from the server accepted an url parameter, which was directly passed to the cache package and that downloaded the poster from this URL. This URL parameter can be used to make the jellysweep server download arbitrary content. The...