PT-2025-26621 · Unknown +1 · Visionatrix +1

Name of the Vulnerable Software and Affected Versions: Visionatrix versions 1.5.0 through 2.5.0 Description: The issue concerns a Reflected XSS Cross-Site Scripting attack via the "/docs/flows" endpoint, allowing full takeover of the application and exfiltration of secrets stored in the...

GHSA-W466-2WFC-8G58 Open WebUI has vulnerable dependency on starlette via fastapi

In version 0.3.32 of open-webui, the application uses a vulnerable version of the starlette package through its dependency on fastapi. The starlette package versions =0.49 are susceptible to uncontrolled resource consumption, which can be exploited to cause a denial of service through memory...