10 matches found
EUVD-2026-30605
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key generated in OWUI and the Chat ID of another user to continue the conversation of the other...
Open WebUI has Broken Access Control for Completions API
Summary: Any user X can continue the conversation of any other user Y, as long as the Chat ID of Y is known. User X does not even need to be an admin to do so.
Details: A user just needs to use the API endpoint: /api/chat/completions with their own API key generated in OWUI and the Chat ID of anoth...
PT-2026-41179
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.0
Description: An issue exists where a user can continue the conversation of another user if the target user's Chat ID is known. This occurs because the system fails to verify if the Chat ID matches the user who...
Flowise Allows Mass Assignment in `/api/v1/leads` Endpoint
Summary: A Mass Assignment vulnerability in the /api/v1/leads endpoint allows any unauthenticated user to control internal entity fields id, createdDate, chatId by including them in the request body. The endpoint uses Object.assign to copy all properties from the request body to the Lead entity...
GHSA-MQ4R-H2GH-QV7X Flowise Allows Mass Assignment in `/api/v1/leads` Endpoint
Summary: A Mass Assignment vulnerability in the /api/v1/leads endpoint allows any unauthenticated user to control internal entity fields id, createdDate, chatId by including them in the request body. The endpoint uses Object.assign to copy all properties from the request body to the Lead entity...
PT-2026-23788
Flowise and Affected Versions: Flowise versions prior to 3.0.13
Description: Flowise is a drag & drop user interface to build a customized large language model flow. A mass assignment issue exists in the /api/v1/leads endpoint, allowing unauthenticated users to control internal entity fields id,...
Flowise has an Arbitrary File Read
Summary: An arbitrary file read vulnerability in the chatId parameter supplied to both the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints allows unauthenticated users to read unintended files on the local filesystem. In the default Flowise configuration this allows...
CVE-2025-46541
creationtimestamp | type | source
--- | --- | ---
2025-04-24 18:55:00+00:00 | seen | https://t.me/cvedetector/23676...
PT-2025-4029 · Embedai · Embedai
Name of the Vulnerable Software and Affected Versions: EmbedAI versions 2.1 and below
Description: An Improper Access Control issue allows an authenticated attacker to obtain chat messages belonging to other users by modifying the CHAT ID parameter in the endpoint "/embedai/chats/load messages?ch...
RHSA-2024:0089
creationtimestamp | type | source
--- | --- | ---
2024-01-09 10:16:53+00:00 | seen | https://t.me/ctinow/164898...