Lucene search
+L

317 matches found

Vulnrichment
Vulnrichment
added 2026/05/15 7:43 p.m.6 views

CVE-2026-44558 Open WebUI: Channel Access Grants Bypass filter_allowed_access_grants

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filterallowedaccessgrants on either create or update paths. A non-admin user who can create group channels or who owns a channel can submit arbitrary...

5.4CVSS5.9AI score0.0019EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 7:43 p.m.28 views

CVE-2026-44558

Open WebUI contains a vulnerability in the channel access grants path prior to version 0.9.0. The channel router does not call filter_allowed_access_grants on create or update, allowing a non-admin user who can create or own a group channel to submit arbitrary access grants (including public wild...

5.4CVSS5.9AI score0.0019EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/15 7:43 p.m.2 views

CVE-2026-44558 Open WebUI: Channel Access Grants Bypass filter_allowed_access_grants

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filterallowedaccessgrants on either create or update paths. A non-admin user who can create group channels or who owns a channel can submit arbitrary...

5.4CVSS6AI score0.0019EPSS
Exploits1References3
CVE
CVE
added 2026/05/15 6:11 a.m.65 views

CVE-2026-41702

VMware Fusion is affected by a local privilege escalation TOCTOU flaw in a SETUID binary (CVE-2026-41702). The issue allows a non-administrative local user to escalate to root on systems with Fusion installed. Connected advisories confirm a fix in Fusion 26H1; the remediation is to apply the 26H1...

7.8CVSS5.8AI score0.00122EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/14 8:25 p.m.7 views

GHSA-JH9G-8JQW-M2QX Open WebUI Exposes System Prompt to Regular User [Non-Admin]

Summary A regular user non-admin can view the system prompt of the model which is set by an admin. Details When a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of available...

6.5CVSS5.7AI score0.00281EPSS
Exploits1References4
NVD
NVD
added 2026/05/13 7:16 p.m.8 views

CVE-2026-0235

A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies...

5.8CVSS0.0011EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 6:51 p.m.20 views

CVE-2026-0246

CVE-2026-0246: Prisma Access Agent contains a privilege management flaw that allows a locally authenticated non-administrative user to escalate to root on macOS/Linux or NT AUTHORITY\SYSTEM on Windows, enabling arbitrary code execution and access to privileged data. Affected: Prisma Access Agent ...

8.5CVSS6.1AI score0.00147EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/13 6:51 p.m.34 views

CVE-2026-0246 Prisma Access Agent: Local Privilege Escalation Vulnerability

A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code an...

8.5CVSS0.00147EPSS
Exploits0References1
NVD
NVD
added 2026/05/13 6:16 p.m.12 views

CVE-2026-0237

An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands t...

7.8CVSS0.0015EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 6:14 p.m.21 views

CVE-2026-0235

CVE-2026-0235 is a race-condition vulnerability in Palo Alto Networks Prisma Browser. The description states that a locally authenticated non-admin user can bypass certain access and data control policies due to this race condition. No specific vulnerable components, versions, or root-cause detai...

5.8CVSS5.8AI score0.0011EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.17 views

PT-2026-40748

Name of the Vulnerable Software and Affected Versions Prisma Browser on macOS affected versions not specified Description A code injection issue exists where the software fails to properly restrict access to its AppleScript interface. This allows a locally authenticated non-admin user to use an...

7.3CVSS5.9AI score0.00158EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.12 views

PT-2026-40770

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Prisma Access Agent affected versions not specified Description A flaw in the privilege management mechanism allows a locally authenticated non-administrative user to escalate privileges to root on macOS and Linux, or NT...

8.5CVSS6.1AI score0.00147EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.19 views

PT-2026-40747

Name of the Vulnerable Software and Affected Versions Prisma Browser affected versions not specified Description A race condition allows a locally authenticated non-admin user to bypass specific access and data control policies. A race condition is a situation where the system's substantive...

5.8CVSS5.8AI score0.0011EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/11 4:32 p.m.10 views

CVE-2026-42312

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The option "general",...

8.8CVSS5.8AI score0.00815EPSS
Exploits5References2Affected Software1
OSV
OSV
added 2026/05/11 2:25 p.m.8 views

GHSA-HMJQ-CRXP-7RJW Open WebUI has inconsistent authorization controls within memories API

Summary Authorization controls surrounding the memories API were inconsistent, resulting in the ability of a standard user to delete, restore, and view the contents of other users' memories. Details Using a newly created non-admin user with no existing memories, it is possible to view existing...

8.3CVSS5.8AI score0.00294EPSS
Exploits1References3
OSV
OSV
added 2026/05/08 7:50 p.m.6 views

GHSA-7RJH-PX4V-5W55 Open WebUI's Channel Access Grants Bypass filter_allowed_access_grants

Channel Access Grants Bypass filterallowedaccessgrants Affected Component Channel creation and update endpoints: - backend/openwebui/routers/channels.py lines 291-340, createnewchannel - backend/openwebui/routers/channels.py lines 617-638, updatechannelbyid - backend/openwebui/models/channels.py...

5.4CVSS5.9AI score0.0019EPSS
Exploits1References3
CVE
CVE
added 2026/05/04 10:7 p.m.25 views

CVE-2026-7791

CVE-2026-7791 concerns the Skylight Workspace Config Service in Amazon WorkSpaces for Windows prior to version 2.6.2034.0 . A flaw in log rotation privilege management lets a local non-admin authenticated user place arbitrary files in arbitrary locations, bypassing file system permissions and ena...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/04 10:7 p.m.9 views

Incorrect Authorization

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Incorrect Authorization in the setconfigvalue process. An attacker can disable outbound TLS peer verification by setting the sslverify configuration to 'off...

7.6CVSS5.7AI score0.00174EPSS
Exploits1References4
OSV
OSV
added 2026/05/04 10:7 p.m.5 views

GHSA-CCXC-X975-4HH9 pyload-ng: non-admin SETTINGS users can disable outbound TLS peer verification via unrestricted `ssl_verify` config (incomplete fix for CVE-2026-33509 / -35463 / -35464 / -35586)

Summary The setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The option "general", "sslverify" is not on that allowlist. Any authenticated user with the non-admin SETTINGS...

6.8CVSS5.8AI score0.00174EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.14 views

PT-2026-37141

Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.9 Description An authorization mismatch exists between the frontend UI and the backend data endpoint. While the frontend correctly restricts the "show all organizations" filter to full administrators, the 'contact...

4.9CVSS5.8AI score0.00322EPSS
Exploits0References5
Rows per page
Query Builder