Lucene search
+L

27 matches found

euvd
euvd
added 2026/07/09 5:4 p.m.7 views

EUVD-2026-42634

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, verifyknowledgefileaccess only checked read access while file write and delete routes later trusted object-derived access through writable model meta.knowledge entries, allowing a user...

5.4CVSS6AI score0.00308EPSS
Exploits1References4
osv
osv
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-392 llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata

Description llama-cpp-python depends on class Llama in llama.py to load .gguf llama.cpp or Latency Machine Learning Models. The init constructor built in the Llama takes several parameters to configure the loading and running of the model. Other than NUMA, LoRa settings, loading tokenizers, and...

9.6CVSS7.8AI score0.2842EPSS
Exploits1References6
cve
cve
added 2026/06/23 4:47 p.m.36 views

CVE-2026-54012

CVE-2026-54012 pertains to Open WebUI. Before version 0.9.6, a user with model-creation/update/import rights could attach forged meta.knowledge entries of type file to their model. The system then trusts these entries as authorization sources, enabling a cross-user read and deletion of private fi...

7.1CVSS6AI score0.00198EPSS
Exploits1References1Affected Software1
github
github
added 2026/06/17 2:15 p.m.21 views

Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion

Summary Open WebUI lets a user who can create, update, or import workspace models store arbitrary meta.knowledge entries on their model without checking whether they own or can read the referenced files. Open WebUI then treats meta.knowledge entries of type file as an authorization source in two...

7.1CVSS5.6AI score0.00198EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.21 views

PT-2026-50484

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description Open WebUI allows users with permissions to create, update, or import workspace models to store arbitrary meta.knowledge entries without verifying ownership or read access to the referenced files...

7.1CVSS6AI score0.00198EPSS
Exploits1References13
vulnrichment
vulnrichment
added 2026/06/12 9:56 p.m.7 views

CVE-2026-53827 OpenClaw < 2026.5.2 - Credential Exposure via Model-Supplied Loopback URLs in message.action Forwarding

OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by...

6.5CVSS5.3AI score0.00254EPSS
Exploits0References2
cve
cve
added 2026/06/12 9:56 p.m.27 views

CVE-2026-53827

OpenClaw is affected by CVE-2026-53827: before version 2026.5.2, a credential exposure vulnerability exists in message.action forwarding. The issue allows model-controlled metadata to forward action payloads containing Gateway credentials to attacker-supplied loopback URLs, enabling remote attack...

6.5CVSS5.3AI score0.00254EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/06/05 5:49 a.m.7 views

BIT-MLFLOW-2026-2734 Authorization Bypass in SearchModelVersions in mlflow/mlflow

In mlflow/mlflow versions up to 3.9.0, the SearchModelVersions REST API endpoint and the mlflowSearchModelVersions GraphQL query lack proper per-model authorization checks when basic authentication is enabled. This allows any authenticated user to enumerate all model versions across all registere...

6.5CVSS5.4AI score0.00441EPSS
Exploits1References3
snyk
snyk
added 2026/05/21 7:35 a.m.10 views

Access Control Bypass

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Access Control Bypass via the SearchModelVersions REST API endpoin...

7.1CVSS6.7AI score0.00441EPSS
Exploits1References2
snyk
snyk
added 2026/05/21 7:35 a.m.13 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the SearchModelVersions REST API endpoint and the mlflowSearchModelVersions GraphQL query. An attacker can access sensitive information, including model names, version descriptions, source URIs, tags, and other...

7.1CVSS6.6AI score0.00441EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/05/21 3:49 a.m.9 views

CVE-2026-2734

In mlflow/mlflow versions up to 3.9.0, the SearchModelVersions REST API endpoint and the mlflowSearchModelVersions GraphQL query lack proper per-model authorization checks when basic authentication is enabled. This allows any authenticated user to enumerate all model versions across all registere...

6.5CVSS6.5AI score0.00441EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/05/21 12:0 a.m.25 views

PT-2026-42395

Name of the Vulnerable Software and Affected Versions mlflow/mlflow versions prior to 3.10.0 Description When basic authentication is enabled, the 'SearchModelVersions' REST API endpoint and the 'mlflowSearchModelVersions' GraphQL query lack proper per-model authorization checks. This allows any...

6.5CVSS6.6AI score0.00441EPSS
Exploits1References17
nvd
nvd
added 2026/04/10 5:17 p.m.4 views

CVE-2026-35619

OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the...

5.3CVSS0.00272EPSS
Exploits0References3
euvd
euvd
added 2026/04/10 4:3 p.m.5 views

EUVD-2026-21430

OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the...

5.3CVSS5.8AI score0.00272EPSS
Exploits0References3
cvelist
cvelist
added 2026/04/10 4:3 p.m.30 views

CVE-2026-35619 OpenClaw < 2026.3.24 - Authorization Bypass via HTTP /v1/models Endpoint

OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the...

5.3CVSS0.00272EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/04/10 12:0 a.m.10 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.24 contained security vulnerabilities. These vulnerabilities stemmed from authorization bypasses in the HTTP/v1/models endpoints, which failed to enforce the requirement for...

5.3CVSS5.8AI score0.00272EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/04/10 12:0 a.m.7 views

PT-2026-31954

OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the...

5.3CVSS5.8AI score0.00272EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/04/01 7:15 p.m.8 views

CVE-2026-34445

A flaw was found in Open Neural Network Exchange ONNX. An attacker could exploit a vulnerability in how ONNX processes model metadata, specifically within the ExternalDataInfo class. By crafting a malicious ONNX model, an attacker could overwrite internal object properties, leading to a denial of...

8.6CVSS5.8AI score0.00288EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/04/01 12:0 a.m.9 views

Open Neural Network Exchange 安全漏洞

Open Neural Network Exchange is an open-source ecosystem developed by Open Neural Network Exchange. It enables AI developers to choose the appropriate tools as the project evolves. Versions of Open Neural Network Exchange prior to 1.21.0 contained a security vulnerability. This vulnerability...

8.6CVSS5.8AI score0.00288EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.5 views

PT-2026-29577

Name of the Vulnerable Software and Affected Versions ONNX versions prior to 1.21.0 Description The ExternalDataInfo class in ONNX used Python’s setattr function to load metadata from ONNX model files without validating the keys. This allowed an attacker to craft a malicious model that could...

8.6CVSS5.9AI score0.00288EPSS
Exploits0References10
Rows per page
Query Builder