Lucene search
K

20 matches found

Cvelist
Cvelist
added 2026/06/23 4:41 p.m.34 views

CVE-2026-54019 Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI added collection-level ACL checks, but the patch can still be bypassed when Milvus multitenancy mode is enabled. The ACL allows unknown non-KB collection names as...

6.5CVSS0.00281EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 4:41 p.m.22 views

CVE-2026-54019

Open WebUI CVE-2026-54019 describes an ACL bypass in Milvus multitenancy mode. Before version 0.9.6, collection-level ACL checks exist but can be bypassed when an attacker supplies user-controlled, unknown collection names, which Milvus treats as a resource_id and interpolates into an unsafe expr...

6.5CVSS5.8AI score0.00281EPSS
Exploits1References1Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/17 5:57 p.m.10 views

Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode

RAG ACL Bypass in Milvus Multitenancy Mode Summary This is a bypass of the fix for: - GHSA-h36f-rqpx-j5wx - CVE-2026-44560 - "Unauthorized File and Knowledge Base Content Access via RAG Vector Search" Open WebUI added collection-level ACL checks, but the patch can still be bypassed when Milvus...

6.5CVSS5.5AI score0.00366EPSS
Exploits2References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.12 views

CVE-2026-44337

PraisonAI is a multi-agent teams system. From version 2.4.1 to before version 4.6.34, PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names...

6.3CVSS5.6AI score0.00216EPSS
Exploits1References1
OSV
OSV
added 2026/05/11 1:57 p.m.9 views

GHSA-3643-7V76-5CJ2 PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries

Summary PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names into these backends can trigger SQL or CQL injection. Details This issue affec...

6.3CVSS6AI score0.00216EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/08 4:28 p.m.12 views

SQL Injection

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

6.3CVSS6AI score0.00216EPSS
Exploits1References2
NVD
NVD
added 2026/05/08 2:16 p.m.11 views

CVE-2026-44337

PraisonAI is a multi-agent teams system. From version 2.4.1 to before version 4.6.34, PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names...

6.3CVSS0.00216EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/08 1:33 p.m.9 views

CVE-2026-44337 PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries

PraisonAI is a multi-agent teams system. From version 2.4.1 to before version 4.6.34, PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names...

6.3CVSS5.8AI score0.00216EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/08 1:33 p.m.31 views

CVE-2026-44337 PraisonAI knowledge-store backends interpolate unvalidated collection names into SQL and CQL queries

PraisonAI is a multi-agent teams system. From version 2.4.1 to before version 4.6.34, PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names...

6.3CVSS0.00216EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:33 p.m.7 views

CVE-2026-44337

PraisonAI is a multi-agent teams system. From version 2.4.1 to before version 4.6.34, PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and index identifiers from unvalidated name and collection arguments. Applications that pass untrusted collection names...

6.3CVSS5.8AI score0.00216EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/02/27 7:15 p.m.24 views

CVE-2026-26997 ClipBucket v5 has Stored XSS via Collection name

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 59, a normal authenticated user can store the XSS payload. The payload is triggered by administrator. Version 5.5.3 59 fixes the issue...

5.1CVSS0.002EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/15 10:55 p.m.3 views

CVE-2025-64338 ClipBucket's Manage Photos Feature is Vulnerable to Stored XSS via Collection Name

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2 - 156 and below, an authenticated regular user can create a photo collection whose Collection Name contains HTML/JavaScript payloads, which making ClipBucket’s Manage Photos feature vulnerable to Stored XSS. The payload is...

5.1CVSS6.2AI score0.00396EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-14510

Malicious code in bioql PyPI...

9.1CVSS6.3AI score0.00477EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/15 4:34 p.m.27 views

CVE-2025-31493

Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the collection helper or $kirby-collection method with a dynamic collection name such as a collection name that depends on request or user data...

9.1CVSS6.8AI score0.00477EPSS
Exploits0References1
OSV
OSV
added 2025/05/13 8:2 p.m.7 views

GHSA-X275-H9J4-7P4H Kirby vulnerable to path traversal of collection names during file system lookup

TL;DR This vulnerability affects all Kirby sites that use the collection helper or $kirby-collection method with a dynamic collection name such as a collection name that depends on request or user data. Sites that only use fixed calls to the collection helper/$kirby-collection method i.e. calls...

6.3CVSS6.6AI score0.00477EPSS
Exploits0References7
CVE
CVE
added 2025/05/13 3:24 p.m.44 views

CVE-2025-31493

Kirby CVE-2025-31493 affects versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 where dynamic collection names passed to collection() or $kirby->collection() can bypass validation, enabling path traversal. The missing check allowed traversal outside the configured collections root (and even Kirby ...

9.1CVSS6.5AI score0.00477EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.4 views

PT-2025-20919 · Kirby · Kirby

Name of the Vulnerable Software and Affected Versions: Kirby versions prior to 3.9.8.3 Kirby versions prior to 3.10.1.2 Kirby versions prior to 4.7.1 Description: A vulnerability in Kirby affects sites that use the collection helper or $kirby-collection method with a dynamic collection name,...

6.3CVSS6.4AI score0.00477EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2023/02/03 12:0 a.m.6 views

CVE-2023-23635

In Jellyfin 10.8.x through 10.8.3, the name of a collection is vulnerable to stored XSS. This allows an attacker to steal access tokens from the localStorage of the victim...

6.7AI score0.00562EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/09/10 12:0 a.m.25 views

Appwrite Vulnerable to Cross-site Scripting

Appwrite is vulnerable to stored cross-site scripting in usernames, function names, storage bucket names, and database collection names...

9CVSS6AI score0.00663EPSS
Exploits2References5Affected Software1
OSV
OSV
added 2022/09/10 12:0 a.m.20 views

GHSA-5FFJ-MPH5-C5HV Appwrite Vulnerable to Cross-site Scripting

Appwrite is vulnerable to stored cross-site scripting in usernames, function names, storage bucket names, and database collection names...

5.4CVSS5.3AI score0.00663EPSS
Exploits2References5
Rows per page
Query Builder