Lucene search
K

7820 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-42639

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.12 before 0.10.0, an authenticated non-admin user with read access to an arena wrapper model can reach a restricted underlying model through task endpoints such as /api/v1/tasks/moa/completions. The...

5.4CVSS6AI score
Exploits0References4
CVE
CVE
added yesterday10 views

CVE-2026-59225

Open WebUI vulnerability CVE-2026-59225 affects versions 0.8.12 up to before 0.10.0. An authenticated non-admin user with read access to an arena wrapper model can reach a restricted underlying model via task endpoints like /api/v1/tasks/moa/completions. The normal chat flow re-checks submodel ac...

6.3CVSS6AI score
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday7 views

CVE-2026-59225

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.12 before 0.10.0, an authenticated non-admin user with read access to an arena wrapper model can reach a restricted underlying model through task endpoints such as /api/v1/tasks/moa/completions. The...

5.4CVSS6AI score
Exploits0References5Affected Software1
Cvelist
Cvelist
added yesterday18 views

CVE-2026-59225 Open WebUI: Arena task endpoints can bypass underlying model access controls

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.12 before 0.10.0, an authenticated non-admin user with read access to an arena wrapper model can reach a restricted underlying model through task endpoints such as /api/v1/tasks/moa/completions. The...

5.4CVSS
Exploits0References4
Cvelist
Cvelist
added yesterday16 views

CVE-2026-59219 Open WebUI: Realtime endpoints accept Redis-revoked JWTs after signout/backchannel logout

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0 with Redis configured, Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket first-message authentication used decodetoken without the Redis-backed...

7.1CVSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-42616

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, Open WebUI runs client-side Python with Pyodide in a same-origin web worker, allowing stored chat payloads that use pyodide.http.pyfetch or the js module fetch and XMLHttpRequest APIs to issue...

7.3CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-59214

Open WebUI (self-hosted AI platform) before 0.10.0 is affected by a stored web worker XSS via Pyodide. The vulnerability arises when Pyodide runs in a same-origin web worker and stored chat payloads can cause authenticated same-origin requests through pyodide.http.pyfetch or the browser fetch/XML...

7.3CVSS6.1AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-59214

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, Open WebUI runs client-side Python with Pyodide in a same-origin web worker, allowing stored chat payloads that use pyodide.http.pyfetch or the js module fetch and XMLHttpRequest APIs to issue...

7.3CVSS6.1AI score
Exploits0References2Affected Software1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-59214 Open WebUI: Stored web worker XSS via Pyodide

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, Open WebUI runs client-side Python with Pyodide in a same-origin web worker, allowing stored chat payloads that use pyodide.http.pyfetch or the js module fetch and XMLHttpRequest APIs to issue...

7.3CVSS
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-42612

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated user with the default workflow:create permission could pollute Object.prototype through a crafted workflow saved, updated, or imported via the workflow API, allowing unauthenticated reques...

7.1CVSS5.9AI score
Exploits0References3
NVD
NVD
added yesterday6 views

CVE-2026-54798

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt th...

7.1CVSS
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-42563

The Divi Torque Lite – Divi Theme, Divi Builder & Extra Theme plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.3. This is due to the use of 'returntrue' as the permissioncallback for the /installplugin and /activateplugin REST API endpoint...

8.8CVSS5.9AI score
Exploits0References8
Cvelist
Cvelist
added yesterday17 views

CVE-2026-4275 Divi Torque Lite <= 4.2.3 - Cross-Site Request Forgery to Arbitrary Plugin Installation via 'install_plugin' REST Endpoint

The Divi Torque Lite – Divi Theme, Divi Builder & Extra Theme plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.3. This is due to the use of 'returntrue' as the permissioncallback for the /installplugin and /activateplugin REST API endpoint...

8.8CVSS
Exploits0References8
NVD
NVD
added yesterday6 views

CVE-2026-57111

Permissive Cross-Origin Resource Sharing CORS in the REST API helix-rest, org.apache.helix.rest.server.filters.CORSFilter in Apache Helix through 2.0.0 on all platforms allows a remote attacker controlling a web page visited by an authorized user to read responses from and issue cross-origin...

7.5CVSS0.0017EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-57111

Permissive Cross-Origin Resource Sharing CORS in the REST API helix-rest, org.apache.helix.rest.server.filters.CORSFilter in Apache Helix through 2.0.0 on all platforms allows a remote attacker controlling a web page visited by an authorized user to read responses from and issue cross-origin...

7.5CVSS6AI score0.0017EPSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-42529

Permissive Cross-Origin Resource Sharing CORS in the REST API helix-rest, org.apache.helix.rest.server.filters.CORSFilter in Apache Helix through 2.0.0 on all platforms allows a remote attacker controlling a web page visited by an authorized user to read responses from and issue cross-origin...

7.5CVSS6AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday20 views

CVE-2026-57111 Apache Helix REST: Permissive CORS Configuration in REST API Allows Unrestricted Cross-Origin

Permissive Cross-Origin Resource Sharing CORS in the REST API helix-rest, org.apache.helix.rest.server.filters.CORSFilter in Apache Helix through 2.0.0 on all platforms allows a remote attacker controlling a web page visited by an authorized user to read responses from and issue cross-origin...

0.0017EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-12270

The CVE concerns Everest Forms for WordPress prior to version 3.5.0. The vulnerability arises because access controls on several onboarding-assistant REST API endpoints are bypassable: the capability check only runs when a specific attacker‑controlled request header has a value, allowing unauthen...

6.5CVSS5.9AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday21 views

CVE-2026-12270 Everest Forms < 3.5.0 - Unauthenticated Missing Authorization via Site Assistant REST Endpoints

The Everest Forms WordPress plugin before 3.5.0 does not correctly restrict access to several REST API endpoints belonging to its onboarding assistant: the capability check is only applied when an attacker-controllable request header holds a specific value, so it can be bypassed by omitting or...

0.00145EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday25 views

WordPress AI Engine Plugin - Token Exposure

Unauthenticated sensitive information exposure in AI Engine WordPress plugin = 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled. id: CVE-2025-11749 info: name: WordPress AI Engine Plugin - Token Exposure author: 4m3rr0r severity: critical description: | Unauthenticat...

9.8CVSS7.2AI score0.75063EPSS
Exploits5References2
Rows per page
Query Builder