PT-2026-41201

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description An authorization bypass allows any authenticated user to permanently delete files owned by other users. This occurs when a target file is referenced in any shared chat, as the has access to file...

PT-2026-41193

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.12 Description An Insecure Direct Object Reference IDOR exists in the retrieval API due to insufficient validation in the validate collection access function. While the function checks specific prefixes for use...

PT-2026-41197

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description Multiple endpoints accept a user-supplied file id and attach the referenced file to a resource controlled by the caller, such as folder knowledge or knowledge-base contents, without verifying if t...

CVE-2026-42048

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API DELETE /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are concatenated directly into file paths withou...

Security Bulletin: Multiple security vulnerabilities affecting IBM Knowledge Catalog for IBM Cloud Pak for Data

Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed and customers should update to the recommended version of the product at the earliest opportunity. Vulnerability Details CVEID:CVE-2025-46392 DESCRIPTION...

CVE-2026-34176 Knowledge Appliance mode iControl REST vulnerability

When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...

CKAN 安全漏洞

CKAN is an open-source data management system developed by CKAN itself. It is used to power data centers and data portals. Versions of CKAN prior to 2.10.10 and 2.11.5 contained security vulnerabilities. These vulnerabilities stemmed from a vulnerability in datastoresearchsql, which allowed...

CVE-2026-42048

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API DELETE /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are concatenated directly into file paths withou...

CVE-2026-42048 Langflow: Path Traversal in Langflow Knowledge Bases API

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API DELETE /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are concatenated directly into file paths withou...

CVE-2026-42048 Langflow: Path Traversal in Langflow Knowledge Bases API

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API DELETE /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are concatenated directly into file paths withou...

CVE-2026-42048

Langflow prior to 1.9.0 is vulnerable to path traversal in the Knowledge Bases API (DELETE /api/v1/knowledge_bases) due to user-supplied kb_names being concatenated into file paths. The issue stems from building paths manually and passing them to deletion without proper normalization, enabling an...

2026-05 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5087544)

2026-05 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems KB5087544...

2026-05 .NET 10.0.8 Security Update for x64 Client (KB5093446)

2026-05 .NET 10.0.8 Security Update for x64 Client KB5093446...

2026-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5087538)

2026-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems KB5087538...

2026-05 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5087538)

2026-05 Cumulative Update for Windows 10 Version 1809 for x86-based Systems KB5087538...

2026-05 .NET 8.0.27 Security Update for x64 Client (KB5093447)

2026-05 .NET 8.0.27 Security Update for x64 Client KB5093447...

2026-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 (KB5087065)

2026-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 KB5087065...

2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5088860)

2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 KB5088860...

2026-05 .NET 10.0.8 Security Update for ARM64 Client (KB5093446)

2026-05 .NET 10.0.8 Security Update for ARM64 Client KB5093446...

2026-05 .NET 9.0.16 Security Update for x64 Client (KB5093448)

2026-05 .NET 9.0.16 Security Update for x64 Client KB5093448...