7 matches found

Cvelist
added 2026/06/23 4:49 p.m. | 39 views

CVE-2026-54009 Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/chat/completions accepts an image_url.url value that, when it does NOT start with http://, https://, or data:image/, is interpreted as a file id and resolved against the...

CVSS 6.5 | EPSS 0.00225
Exploits: 1 | References: 1

OSV
added 2025/12/19 3:31 p.m. | 5 views

GHSA-R2H2-G46H-8MX8 pretix has Broken Access Control Allowing Cross-User File Access via UUID

Multiple API endpoints allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only...

CVSS 7 | AI score 6.7 | EPSS 0.00226
Exploits: 0 | References: 4

NVD
added 2025/12/08 5:16 p.m. | 5 views

CVE-2025-48591

In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 5.5 | EPSS 0.0008
Exploits: 0 | References: 3

RedhatCVE
added 2025/09/06 5:21 p.m. | 5 views

CVE-2025-26430

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 | AI score 6.9 | EPSS 0.00079
Exploits: 0 | References: 1

OSV
added 2025/09/04 6:15 p.m. | 3 views

CVE-2025-26430

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 | AI score 5.9 | EPSS 0.00079
Exploits: 0 | References: 2

Vulnrichment
added 2025/09/04 5:11 p.m. | 3 views

CVE-2025-26430

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 6.3 | EPSS 0.00079
Exploits: 0 | References: 2

OSV
added 2025/05/01 12:0 a.m. | 26 views

ASB-A-372895305

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 | AI score 7.3 | EPSS 0.00079
Exploits: 0 | References: 2