Lucene search
K

9876 matches found

Patchstack
Patchstack
added 5 days ago4 views

WordPress BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot plugin <= 4.6.0 - Authenticated (Custom+) SQL Injection vulnerability

Authenticated Custom+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin BetterDocs versions = 4.6.0...

6.5CVSS6AI score0.0026EPSS
Exploits0References1Affected Software1
NVD
NVD
added 5 days ago6 views

CVE-2026-59217

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the file upload path accepted metadata.knowledgeid and auto-linked uploaded files to a target knowledge base without applying the write-access check used by /api/v1/knowledge//file/add, allowing...

4.3CVSS0.00272EPSS
Exploits1References4
CVE
CVE
added 5 days ago8 views

CVE-2026-59217

Open WebUI prior to version 0.10.0 allowed a metadata.knowledge_id value in file uploads to auto-link files to a knowledge base, bypassing the write-access check on /api/v1/knowledge//file/add. This enabled read-only knowledge-base users to add arbitrary files. The issue is fixed in version 0.10....

4.3CVSS6AI score0.00272EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-59217 Open WebUI: Upload `metadata.knowledge_id` bypasses the knowledge-base write-access check (read-only users can add files to KB)

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the file upload path accepted metadata.knowledgeid and auto-linked uploaded files to a target knowledge base without applying the write-access check used by /api/v1/knowledge//file/add, allowing...

4.3CVSS0.00272EPSS
Exploits1References4
EUVD
EUVD
added 2026/07/02 7:42 p.m.7 views

EUVD-2026-41429

LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...

7.1CVSS5.9AI score0.00238EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/02 7:42 p.m.36 views

CVE-2026-59098 LobeChat 2.2.9 - Cross-User Document Disclosure via Unscoped RAG Semantic Search

LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...

7.1CVSS0.00238EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/02 7:42 p.m.9 views

CVE-2026-59098

LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...

7.1CVSS5.9AI score0.00238EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/07/02 11:58 a.m.5 views

WordPress weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by PRISM in WordPress Plugin weDocs versions = 2.3.0...

6.4CVSS5.9AI score0.00206EPSS
Exploits0References1Affected Software1
Kaspersky
Kaspersky
added 2026/07/02 12:0 a.m.6 views

KLA91128 PE vulnerability in Microsoft Apps

Privilege escalation vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-41106 Exploitation Related products Microsoft-365 CVE list CVE-2026-41106 unknown Solution Install necessary updates from the KB section,...

9.3CVSS5.9AI score0.00531EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:43 p.m.5 views

CVE-2026-54016

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object Level Authorization BOLA vulnerability in the builtin searchknowledgefiles tool. When native function calling is enabled and the selected model has no...

4.3CVSS6AI score0.00226EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/23 4:43 p.m.5 views

CVE-2026-54016 Open WebUI: Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object Level Authorization BOLA vulnerability in the builtin searchknowledgefiles tool. When native function calling is enabled and the selected model has no...

4.3CVSS6.1AI score0.00226EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/23 4:43 p.m.43 views

CVE-2026-54016 Open WebUI: Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object Level Authorization BOLA vulnerability in the builtin searchknowledgefiles tool. When native function calling is enabled and the selected model has no...

4.3CVSS0.00226EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 4:43 p.m.22 views

CVE-2026-54016

CVE-2026-54016 : Open WebUI (self-hosted offline AI platform) suffers a Broken Object Level Authorization in the builtin search_knowledge_files tool. When native function calling is enabled and a model has no attached knowledge bases, an authenticated user can supply an arbitrary knowledge_id and...

4.3CVSS6AI score0.00226EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/23 4:29 p.m.41 views

CVE-2026-42867 Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API POST /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are used directly to create file paths without...

6.5CVSS0.00313EPSS
Exploits1References2
OSV
OSV
added 2026/06/17 5:57 p.m.6 views

GHSA-P5CP-R7RG-QPXC Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode

RAG ACL Bypass in Milvus Multitenancy Mode Summary This is a bypass of the fix for: - GHSA-h36f-rqpx-j5wx - CVE-2026-44560 - "Unauthorized File and Knowledge Base Content Access via RAG Vector Search" Open WebUI added collection-level ACL checks, but the patch can still be bypassed when Milvus...

6.5CVSS5.7AI score0.00281EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/17 5:57 p.m.14 views

Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode

RAG ACL Bypass in Milvus Multitenancy Mode Summary This is a bypass of the fix for: - GHSA-h36f-rqpx-j5wx - CVE-2026-44560 - "Unauthorized File and Knowledge Base Content Access via RAG Vector Search" Open WebUI added collection-level ACL checks, but the patch can still be bypassed when Milvus...

6.5CVSS5.5AI score0.00366EPSS
Exploits2References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/17 2:31 p.m.18 views

Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration

Summary Open WebUI has a Broken Object Level Authorization BOLA vulnerability in the builtin searchknowledgefiles tool. When native function calling is enabled and the selected model has no attached knowledge bases, an authenticated user can call searchknowledgefiles with an arbitrary knowledgeid...

4.3CVSS5.6AI score0.00226EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/17 2:31 p.m.7 views

GHSA-CX9V-4QJ2-JRW6 Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration

Summary Open WebUI has a Broken Object Level Authorization BOLA vulnerability in the builtin searchknowledgefiles tool. When native function calling is enabled and the selected model has no attached knowledge bases, an authenticated user can call searchknowledgefiles with an arbitrary knowledgeid...

4.3CVSS5.6AI score0.00226EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.14 views

PT-2026-50591

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description An issue exists in the self-hosted artificial intelligence platform where collection-level Access Control List ACL checks can be bypassed when Milvus multitenancy mode is enabled. The ACL permits...

6.5CVSS5.9AI score0.00281EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/06/16 5:35 p.m.11 views

Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint

Summary Langflow is vulnerable to Path Traversal in the Knowledge Bases API POST /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are used directly to create file paths without proper sanitization or containment checks. An authenticated attacker can exploit this flaw...

6.5CVSS5.5AI score0.00313EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder