CVE-2026-45315 Open WebUI: Stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptions

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio transcription upload endpoint takes the file extension from the user-supplied filename and saves the file under CACHEDIR/audio/transcriptions/.. The /cache/path route serve...

Open WebUI has stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptions

Summary The audio transcription upload endpoint takes the file extension from the user-supplied filename and saves the file under CACHEDIR/audio/transcriptions/.. The /cache/path route serves these files via FileResponse, which sets Content-Type from the on-disk extension and emits no...

CVE-2026-33647

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the ImageGallery::saveFile method validates uploaded file content using finfo MIME type detection but derives the saved filename extension from the user-supplied original filename without an allowlist check. An...

AVideo Vulnerable to Remote Code Execution via MIME/Extension Mismatch in ImageGallery File Upload

Summary The ImageGallery::saveFile method validates uploaded file content using finfo MIME type detection but derives the saved filename extension from the user-supplied original filename without an allowlist check. An attacker can upload a polyglot file valid JPEG magic bytes followed by PHP cod...

GHSA-WXJW-PHJ6-G75W AVideo Vulnerable to Remote Code Execution via MIME/Extension Mismatch in ImageGallery File Upload

Summary The ImageGallery::saveFile method validates uploaded file content using finfo MIME type detection but derives the saved filename extension from the user-supplied original filename without an allowlist check. An attacker can upload a polyglot file valid JPEG magic bytes followed by PHP cod...

CVE-2026-33647

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the ImageGallery::saveFile method validates uploaded file content using finfo MIME type detection but derives the saved filename extension from the user-supplied original filename without an allowlist check. An...

CVE-2026-33647 AVideo Vulnerable to Remote Code Execution via MIME/Extension Mismatch in ImageGallery File Upload

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the ImageGallery::saveFile method validates uploaded file content using finfo MIME type detection but derives the saved filename extension from the user-supplied original filename without an allowlist check. An...

PT-2026-27169

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description AVideo is an open source video platform. The ImageGallery::saveFile method validates uploaded file content using finfo MIME type detection but derives the saved filename extension from the...

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine

An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine CERT-UA. The emails, per the agency, are sent using compromised accounts and come with a ZIP...

Monomorph - MD5-Monomorphic Shellcode Packer - All Payloads Have The Same MD5 Hash

════════════════════════════════════╦═══ ╔═╦═╗ ╔═╗ ╔═╗ ╔═╗ ╔═╦═╗ ╔═╗ ╔══╔═╗ ╠═╗ ═╩ ╩ ╩═╚═╝═╩ ╩═╚═╝═╩ ╩ ╩═╚═╝═╩ ╠═╝═╩ ╩═ ════════════════════════════════╩═══════ By Retr0id ═══ MD5-Monomorphic Shellcode Packer ═ ══ USAGE: python3 monomorph.py inputfile outputfile payloadfile What does it do? It...