20366 matches found
CVE-2026-54013
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no...
CVE-2026-54008
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, backend/open_webui/utils/oauth.py::process_picture_url calls validate_url(picture_url) on the initial URL only, then invokes aiohttp.ClientSession.get(picture_url, ...) without...
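The entry above describes the classic redirect bypass: the URL is validated once, then handed to an HTTP client that follows redirects on its own, so a public host can 302 the server to an internal address. The following is an added example, not Open WebUI's code, of a fetcher that disables client-side redirects and re-validates every hop before requesting it. The fake DNS table, the fake single-request HTTP client and the hostnames are constructed fixtures; the `validate_url` policy (http/https only, no credentials, every resolved address must be public) is an assumption for the example.

```python
import ipaddress
import socket
from typing import Callable, Optional
from urllib.parse import urljoin, urlsplit

Resolver = Callable[[str], Optional[list[str]]]


def validate_url(url: str, resolver: Resolver) -> tuple[bool, str]:
    """Reject anything that is not http(s) to a name resolving only to public addresses."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    if not parts.hostname:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL"
    try:
        addrs = resolver(parts.hostname) or []
    except OSError:
        return False, "DNS failure"
    if not addrs:
        return False, f"{parts.hostname} does not resolve"
    for addr in addrs:
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop an IPv6 zone id if present
        if not ip.is_global:                            # loopback, RFC1918, link-local, ...
            return False, f"{parts.hostname} resolves to non-public {ip}"
    return True, "ok"


def system_resolver(host: str) -> list[str]:
    """Real resolver for production use; the tests below use a fake table instead."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def fetch_picture(url: str, fetch_once, resolver: Resolver = system_resolver, max_redirects: int = 5):
    """Follow redirects manually, validating every hop before it is requested.

    fetch_once(url) must perform ONE request with redirects disabled and return
    (status, headers, body); with aiohttp that is session.get(url, allow_redirects=False).
    """
    for _ in range(max_redirects + 1):
        ok, why = validate_url(url, resolver)
        if not ok:
            raise ValueError(f"refused {url}: {why}")
        status, headers, body = fetch_once(url)
        if status in (301, 302, 303, 307, 308):
            location = headers.get("Location")
            if not location:
                raise ValueError(f"{url}: redirect without Location")
            url = urljoin(url, location)   # relative Location headers resolve against the current hop
            continue
        return url, status, body
    raise ValueError("too many redirects")


# Constructed fixtures: a fake DNS table and a fake single-request HTTP client.
FAKE_DNS = {
    "images.example.com": ["93.184.216.34"],
    "metadata.internal": ["169.254.169.254"],
    "localhost": ["127.0.0.1"],
}
FAKE_HTTP = {
    "https://images.example.com/avatar.png": (200, {"Content-Type": "image/png"}, b"\x89PNG..."),
    "https://images.example.com/redirect.png": (302, {"Location": "http://metadata.internal/latest/meta-data/"}, b""),
    "https://images.example.com/hop.png": (302, {"Location": "/avatar.png"}, b""),
}


def fake_fetch_once(url: str):
    return FAKE_HTTP[url]
```

Resolving the name before the request still leaves a DNS-rebinding window between the check and the connect; the complete fix pins the validated IP for the actual connection (for aiohttp, a custom resolver or connector), which is outside the scope of this example.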
CVE-2026-54013
CVE-2026-54013 describes a stored XSS in Open WebUI where the model profile image URL could be a data:image/svg+xml;base64 payload. The root cause is missing input validation on ModelMeta.profile_image_url and missing output protections in the model image endpoint (no MIME allowlist, no nosniff, ...
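Both CVE-2026-54013 entries above name the same two gaps: no input validation on the model profile image URL, and no MIME allowlist or nosniff on the endpoint that serves it. The block below is an added example, not Open WebUI's code, of each control: a validator that accepts only https references or base64 data URLs of an allowlisted raster type whose decoded bytes match that type's magic (so an SVG relabelled as image/png is refused too), and a header set for the serving endpoint. The allowlist, the header values and the sample payloads are assumptions constructed for this example.

```python
import base64
import re

# Raster-only allowlist with the magic bytes each type must start with. Constructed for this
# example; SVG is deliberately absent because inline SVG can carry <script> and event handlers.
ALLOWED_IMAGE_TYPES = {
    "image/png": b"\x89PNG\r\n\x1a\n",
    "image/jpeg": b"\xff\xd8\xff",
    "image/gif": b"GIF8",
    "image/webp": b"RIFF",
}

# Headers the image endpoint should emit on every response (assumed set, not Open WebUI's).
# nosniff stops the browser upgrading a mislabelled body to a scriptable type; the CSP sandbox
# neuters script even if an SVG somehow reaches the client.
SAFE_IMAGE_HEADERS = {
    "X-Content-Type-Options": "nosniff",
    "Content-Security-Policy": "default-src 'none'; sandbox",
}

_DATA_URL = re.compile(
    r"^data:(?P<mime>[\w.+-]+/[\w.+-]+)(?:;[\w-]+=[^;,]*)*(?P<b64>;base64)?,(?P<payload>.*)$",
    re.DOTALL,
)


def validate_profile_image_url(url: str) -> tuple[bool, str]:
    """Return (accepted, reason) for a candidate profile_image_url value."""
    if url.startswith("https://"):
        return True, "https reference"
    m = _DATA_URL.match(url)
    if not m:
        return False, "not an https:// or data: URL"
    mime = m.group("mime").lower()
    magic = ALLOWED_IMAGE_TYPES.get(mime)
    if magic is None:
        return False, f"MIME type {mime} is not allowlisted"
    if not m.group("b64"):
        return False, "only base64 data URLs are accepted"
    try:
        raw = base64.b64decode(m.group("payload"), validate=True)
    except ValueError:
        return False, "invalid base64 payload"
    if not raw.startswith(magic):           # declared type must match the bytes
        return False, f"payload bytes do not match {mime}"
    return True, "allowlisted raster image"


def image_response_headers(mime: str) -> dict[str, str]:
    """Headers for serving a stored image: Content-Type comes from the allowlist, never from
    the stored string, and the hardening headers are always attached."""
    if mime not in ALLOWED_IMAGE_TYPES:
        raise ValueError(f"refusing to serve {mime}")
    return {"Content-Type": mime, **SAFE_IMAGE_HEADERS}


def _data_url(mime: str, body: bytes) -> str:
    return f"data:{mime};base64," + base64.b64encode(body).decode()


# Constructed sample inputs: the stored-XSS shape, the same payload relabelled, and a real PNG header.
SVG_XSS_URL = _data_url("image/svg+xml", b'<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"/>')
MISLABELLED_SVG_URL = _data_url("image/png", b'<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"/>')
PNG_URL = _data_url("image/png", b"\x89PNG\r\n\x1a\n" + bytes(16))
```

Validate on write and harden on read: the validator keeps new SVG payloads out of `profile_image_url`, while the headers protect rows that were stored before the fix was deployed.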
CVE-2023-54365
creation_timestamp | type | source
---|---|---
2026-06-23 14:37:07+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3moxmsqt73o2b...
CVE-2025-71337
Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can change the account email address, used as a login identifier and password-recovery channel, via the account profile endpoint without confirming the change to the...
CVE-2025-71341
picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using profile.Profile.runctx in the `__reduce__` method to achieve remote code execution whe...
CVE-2025-71341
CVE-2025-71341 : The affected component is picklescan (versions before 0.0.29). The root cause is that the analyzer fails to detect the profile.Profile.runctx function when inspecting pickle files, specifically in the `__reduce__` method. This enables remote attackers to craft pickle payloads that embe...
CVE-2025-71341 picklescan - Remote Code Execution via Undetected profile.Profile.runctx
picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using profile.Profile.runctx in the `__reduce__` method to achieve remote code execution whe...
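The three CVE-2025-71341 entries above describe a denylist gap: a scanner that walks pickle opcodes will not flag a payload whose `__reduce__` callable is `profile.Profile.runctx` unless that name is on its list. The block below is an added example, not picklescan's code, of such a scanner built on `pickletools.genops`, which disassembles without executing. It resolves both `GLOBAL` (protocol 0-3) and `STACK_GLOBAL` (protocol 4+) references and also flags `getattr`, because for protocols below 4 Python pickles a nested attribute like `Profile.runctx` as `getattr(profile.Profile, "runctx")`, so an exact-name list alone misses that encoding. The denylist and the sample payload are constructed for the example; the payload's arguments are placeholders and the bytes are only scanned, never loaded.

```python
import pickle
import pickletools
import profile

# Denylist constructed for this example (picklescan keeps a far longer one).
DANGEROUS_GLOBALS = {
    "os.system", "os.popen", "posix.system", "subprocess.Popen", "subprocess.run",
    "builtins.eval", "builtins.exec", "builtins.getattr",
    "__builtin__.eval", "__builtin__.getattr",          # module name used by protocol < 3
    "profile.Profile.runctx", "cProfile.Profile.runctx",
}

STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}


def referenced_globals(data: bytes) -> list[str]:
    """Walk the opcode stream with pickletools (nothing is executed) and return every
    module.qualname the pickle asks the unpickler to import, via GLOBAL or STACK_GLOBAL."""
    found: list[str] = []
    memo: dict[int, object] = {}
    pushed: list[str] = []   # string operands in push order, enough to feed STACK_GLOBAL
    last: object = None      # most recently pushed value, tracked only when it is a string
    for op, arg, _pos in pickletools.genops(data):
        name = op.name
        if name == "GLOBAL":                    # genops renders the operand as "module name"
            module, qualname = arg.split(" ", 1)
            found.append(f"{module}.{qualname}")
            last = None
        elif name == "STACK_GLOBAL":            # pops qualname then module from the stack
            if len(pushed) >= 2:
                found.append(f"{pushed[-2]}.{pushed[-1]}")
            last = None
        elif name in STRING_OPS:
            pushed.append(arg)
            last = arg
        elif name == "MEMOIZE":                 # memo index is the running count
            memo[len(memo)] = last
        elif name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = last
        elif name in ("GET", "BINGET", "LONG_BINGET"):   # a memoised string re-pushed
            last = memo.get(arg)
            if isinstance(last, str):
                pushed.append(last)
        else:
            last = None
    return found


def scan_pickle(data: bytes) -> list[str]:
    """Dangerous globals the pickle references; an empty list means nothing on the denylist."""
    return [g for g in referenced_globals(data) if g in DANGEROUS_GLOBALS]


class _RunctxPayload:
    """Constructed sample: __reduce__ hands the unpickler profile.Profile.runctx, which
    execs its cmd argument. Arguments are harmless placeholders; the bytes are never loaded."""

    def __reduce__(self):
        return (profile.Profile.runctx, (None, "pass", {}, {}))


MALICIOUS_PICKLE = pickle.dumps(_RunctxPayload(), protocol=4)         # STACK_GLOBAL form
MALICIOUS_PICKLE_PROTO2 = pickle.dumps(_RunctxPayload(), protocol=2)  # getattr(Profile, "runctx") form
BENIGN_PICKLE = pickle.dumps({"weights": [0.1, 0.2, 0.3], "epoch": 3}, protocol=4)
```

A name denylist only covers the names someone thought of; the safer posture for model files is an allowlist of the globals a given framework legitimately needs, with everything else rejected.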
CVE-2025-71337
CVE-2025-71337 affects Flowise before 3.0.10 (impacted: 3.0.7 and earlier). An authenticated user can change the account email via the account profile endpoint without confirming the change to the original email or re-entering the current password, enabling potential account takeover and abuse of ...
CVE-2025-71337 Flowise - Unverified Email Change via Account Profile Endpoint
Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can change the account email address, used as a login identifier and password-recovery channel, via the account profile endpoint without confirming the change to the...
EUVD-2025-210304
Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can change the account email address, used as a login identifier and password-recovery channel, via the account profile endpoint without confirming the change to the...
CVE-2026-8379
creation_timestamp | type | source
---|---|---
2026-06-23 08:21:47+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mowxtmrwaw2c...
CVE-2026-9733
creation_timestamp | type | source
---|---|---
2026-06-23 08:04:32+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3mowwurvmxt2r...
CVE-2026-55654
creation_timestamp | type | source
---|---|---
2026-06-23 07:53:41+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mowwbexkdi2a...
CVE-2026-12866
creation_timestamp | type | source
---|---|---
2026-06-23 06:00:34+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116797893970275740
2026-06-23 06:00:56+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3mowpwxfz6z2b
2026-06-23 07:57:27+00:00 | seen | ...
Spring Cloud Config Server - Path Traversal
Spring Cloud Config 3.1.x prior to 3.1.13, 4.1.x prior to 4.1.9, 4.2.x prior to 4.2.3, 4.3.x prior to 4.3.2, and 5.0.x prior to 5.0.2 contain a path traversal caused by profile parameter substitution in Config Server using the native file system backend, letting attackers access files outside the configured directories; exploitation requires a crafted request. i...
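The entry above gives the mechanism: a request-controlled profile name is substituted into a search location on the native file system backend, and `..` segments walk out of the configured directory. The block below is an added example, not Spring Cloud Config's code (the project is Java; the pattern is shown here in Python), with the substitution done naively beside a hardened version that allowlists each substituted segment and then checks that the resolved path is still under the base directory. The `{application}/{profile}` layout, the file name and the temporary directory tree are assumptions constructed for the example and do not reproduce Config Server's real search-location syntax.

```python
import re
import tempfile
from pathlib import Path

# Assumed native-backend layout: one search location with placeholders under a base directory.
SEARCH_PATTERN = "{application}/{profile}"
CONFIG_FILE = "application.yml"
_SAFE_SEGMENT = re.compile(r"[A-Za-z0-9_-]+")   # no dots, no slashes, no empty segments


def read_config_vulnerable(base: Path, application: str, profile: str) -> str:
    """Substitutes the request parameters straight into the search location.
    A profile of '../../outside' walks out of base because the OS resolves '..' on open."""
    location = base / SEARCH_PATTERN.format(application=application, profile=profile)
    return (location / CONFIG_FILE).read_text()


def read_config_hardened(base: Path, application: str, profile: str) -> str:
    """Allowlist each substituted segment, then confirm the resolved path is still under base.
    Either check alone blocks this payload; keeping both covers encodings the regex misses
    and symlinks the regex cannot see."""
    for value in (application, profile):
        if not _SAFE_SEGMENT.fullmatch(value):
            raise ValueError(f"rejected segment {value!r}")
    base = base.resolve()
    location = (base / SEARCH_PATTERN.format(application=application, profile=profile)).resolve()
    if not location.is_relative_to(base):
        raise ValueError(f"{location} escapes {base}")
    return (location / CONFIG_FILE).read_text()


def build_fixture() -> Path:
    """Constructed directory tree: config/app/dev/ is the real search location;
    outside/ sits beside config/ and must not be reachable through a profile name."""
    root = Path(tempfile.mkdtemp())
    (root / "config" / "app" / "dev").mkdir(parents=True)
    (root / "config" / "app" / "dev" / CONFIG_FILE).write_text("db: dev\n")
    (root / "outside").mkdir()
    (root / "outside" / CONFIG_FILE).write_text("secret: leaked\n")
    return root
```

Run `build_fixture()` and pass `root / "config"` as `base`: the vulnerable reader returns the leaked file for `profile="../../outside"`, the hardened one raises before touching the file system.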
DomainMOD 4.11.01 - Cross-Site Scripting
DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/dns.php Profile Name or notes field.

```yaml
id: CVE-2018-19914
info:
  name: DomainMOD 4.11.01 - Cross-Site Scripting
  author: arafatansari
  severity: medium
  description: |
    DomainMOD 4.11.01 contains a cross-site scripting...
```
CVE-2026-54232
creation_timestamp | type | source
---|---|---
2026-06-23 01:05:10+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mow7gveg3u2j...
CVE-2026-54235
creation_timestamp | type | source
---|---|---
2026-06-23 00:35:43+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mow5sapd2523...
CVE-2026-48506
creation_timestamp | type | source
---|---|---
2026-06-23 00:32:59+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mow5neb5pq2v...