11199 matches found
CVE-2026-29070 Open WebUI has unauthorized deletion of knowledge files
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an access control check is missing when deleting a file from a knowledge base. The only check being done is that the user has write access to the knowledge base or is admin,...
CVE-2026-29070 Open WebUI has unauthorized deletion of knowledge files
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an access control check is missing when deleting a file from a knowledge base. The only check being done is that the user has write access to the knowledge base or is admin,...
CVE-2026-29070
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an access control check is missing when deleting a file from a knowledge base. The only check being done is that the user has write access to the knowledge base or is admin,...
CVE-2026-29070
Open WebUI is a self-hosted offline AI platform. CVE-2026-29070 describes an access-control flaw present before version 0.8.6 where deleting a file from a knowledge base did not verify that the file belonged to that knowledge base—only that the user had write access or was an admin. This allows d...
CVE-2026-28788 Open WebUI's process_files_batch() endpoint missing ownership check, allows unauthorized file overwrite
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can overwrite any file's content by ID through the POST /api/v1/retrieval/process/files/batch endpoint. The endpoint performs no ownership check, so a...
CVE-2026-28788 Open WebUI's process_files_batch() endpoint missing ownership check, allows unauthorized file overwrite
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can overwrite any file's content by ID through the POST /api/v1/retrieval/process/files/batch endpoint. The endpoint performs no ownership check, so a...
CVE-2026-28788
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can overwrite any file's content by ID through the POST /api/v1/retrieval/process/files/batch endpoint. The endpoint performs no ownership check, so a...
CVE-2025-36187
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
CVE-2026-1393
The Add Google Social Profiles to Knowledge Graph Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to...
EUVD-2025-209040
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
PT-2026-28382
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.6 Description Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can overwrite any file's content by ID through the...
Outline 安全漏洞
Outline is an open-source knowledge base developed by Outline. Versions of Outline from 0.86.0 to 1.6.0 have security vulnerabilities. These vulnerabilities stem from the failure to invalidate OTP codes based on the number or frequency of invalid submissions, which can lead to brute-force attacks...
PT-2026-28385
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.6 Description Open WebUI is an artificial intelligence platform designed for offline operation. A missing access control check when deleting files from a knowledge base allows a user with write access to a...
CVE-2025-36187
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
CVE-2025-36187
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
CVE-2025-36187 Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
CVE-2025-36187 Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...
CVE-2025-36187
CVE-2025-36187 is linked to IBM Knowledge Catalog Standard Cartridge. The IBM bulletin describes a vulnerability where the product stores potentially sensitive information in log files that could be read by a local privileged user ( CWE-532: Insertion of Sensitive Information into Log File ). Aff...
Security Bulletin: Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge
Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog Standard Cartridge. These vulnerabilities had been addressed and customers should update to the recommended version of the product at the earliest opportunity. Vulnerability Details CVEID:CVE-2025-36187 DESCRIPTION: IBM...
@grackle-ai/mcp has a workspace authorization bypass in its knowledge_search MCP tool
Impact The knowledgesearch and knowledgegetnode MCP tools are included in SCOPEDTOOLS visible to scoped agents but their handlers do not receive authContext and do not enforce workspace scoping. A scoped agent in Workspace A can supply an arbitrary workspaceId parameter to search or retrieve...