CVE-2026-45386

creationtimestamp| type| source ---|---|--- 2026-05-10 19:30:33+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-5gc6-xhv4-2wg6...

GHSA-HR43-RJMR-7WMM Open WebUI's Mass Assignment via Pydantic extra='allow' Allows Creating Folders in Other Users' Accounts

Mass Assignment via Pydantic extra='allow' Allows Creating Folders in Other Users' Accounts Affected Component Folder creation endpoint and form model: - backend/openwebui/models/folders.py lines 72-77, FolderForm with extra='allow' - backend/openwebui/models/folders.py lines 95-106,...

CVE-2026-21860 vulnerabilities

Vulnerabilities for packages: azure-functions-python-worker, superset, tensorflow-cpu-jupyter...

PT-2020-1517 · Oracle · Siebel Ui Framework

Name of the Vulnerable Software and Affected Versions: Oracle Siebel CRM Siebel UI Framework versions 19.7 and prior Description: The issue is related to insufficient access controls in the UIF Open UI component of the Siebel UI Framework product. It allows an unauthenticated attacker with networ...

CVE-2019-2857

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 19.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. Successful...

CVE-2017-3330

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: Open UI. The supported version that is affected is 16.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require...

CVE-2016-5450

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors related to UIF Open UI...