CVE-2026-44563

Open WebUI/Open WebUI’s Ollama integration vulnerability (CVE-2026-44563) affects the /api/generate, /api/embed, /api/embeddings, and /api/show endpoints. These endpoints forward a user-supplied model name to the Ollama backend without enforcing AccessGrants.has_access(), effectively bypassing mo...

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the /api/generate, /api/embed, /api/embeddings, and /api/show endpoints, which accepted...

GHSA-RCVP-6FGW-C7FH Open WebUI's Ollama Model Access Control Bypass via /api/generate, /api/embed, /api/embeddings, and /api/show

Ollama Model Access Control Bypass via /api/generate, /api/embed, /api/embeddings, and /api/show Affected Component Ollama proxy endpoints missing model access control: - backend/openwebui/routers/ollama.py lines 955-995, generatecompletion - backend/openwebui/routers/ollama.py lines 835-881, emb...

CVE-2026-5780

An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an...

CVE-2026-5780

An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an...

CVE-2026-5780

CVE-2026-5780 concerns an insecure direct object reference (IDOR) in MphRx’s Minerva v3.6.0, specifically the /minerva/moUser/show/ endpoint. An authenticated user can modify the ID to access data of other registered users, enabling listing of users. The CVSS 4.0 base score is 8.5 (HIGH) with NET...

EUVD-2026-26038

An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an...

MphRx Minerva 访问控制错误漏洞

MphRx Minerva is a medical data integration and interoperability platform developed by MphRx Corporation. Version MphRx Minerva V3.6.0 contains a security vulnerability related to access control. This vulnerability stems from an insecure direct object reference in the /minerva/moUser/show endpoin...

PT-2026-35715

Name of the Vulnerable Software and Affected Versions Minerva version 3.6.0 Description An insecure direct object reference IDOR issue exists in the '/minerva/moUser/show/' endpoint. An authenticated user can access data of other registered users and obtain a user list by modifying the ID variabl...

CVE-2026-33431

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config//show API endpoint accepts a configver parameter that is directly appended to a base directory path to construct a local file path, which is subsequently opened and it...

CVE-2026-33431 Roxy-WI Vulnerable to Authenticated Arbitrary File Read via Path Traversal in Config Version Viewer

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config//show API endpoint accepts a configver parameter that is directly appended to a base directory path to construct a local file path, which is subsequently opened and it...

CVE-2026-33431

Roxy-WI vulnerability CVE-2026-33431: before 8.2.6.4, the POST /config//show endpoint uses a user-supplied configver to form a local file path, bypassing the path-traversal guard limited to the base directory. An authenticated attacker can supply ../ sequences to read arbitrary files accessible t...

EUVD-2026-23966

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config//show API endpoint accepts a configver parameter that is directly appended to a base directory path to construct a local file path, which is subsequently opened and it...

CVE-2026-33431 Roxy-WI Vulnerable to Authenticated Arbitrary File Read via Path Traversal in Config Version Viewer

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config//show API endpoint accepts a configver parameter that is directly appended to a base directory path to construct a local file path, which is subsequently opened and it...

Roxy-WI 安全漏洞

Roxy-WI is an open-source web interface designed for managing Haproxy, Nginx, and Keepalived servers. Versions of Roxy-WI prior to 8.2.6.4 contained security vulnerabilities. These vulnerabilities stemmed from a path traversal issue with the configver parameter in the POST /config//show API...

CVE-2024-43028

A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...

PT-2026-27493

solidtime is an open-source time-tracking app. Prior to version 0.11.6, the project detail endpoint GET /api/v1/organizations/org/projects/project allows any authenticated Employee to access any project in the organization by UUID, including private projects they are not a member of. The index...

PT-2025-4028 · Embedai · Embedai

Name of the Vulnerable Software and Affected Versions: EmbedAI versions 2.1 and below Description: An Improper Access Control issue allows an authenticated attacker to show subscription's information of other users by modifying the SUSCBRIPTION ID parameter of the endpoint...

PT-2025-4031 · Embedai · Embedai

Name of the Vulnerable Software and Affected Versions: EmbedAI versions 2.1 and below Description: An Improper Access Control issue allows an authenticated attacker to obtain files stored by other users by modifying the FILE ID of the endpoint "/embedai/files/show/". Recommendations: For EmbedAI...

PT-2025-4035 · Embedai · Embedai

Name of the Vulnerable Software and Affected Versions: EmbedAI versions 2.1 and earlier Description: A Reflected Cross-Site Scripting issue has been identified, allowing an authenticated attacker to craft a malicious URL by leveraging the "/embedai/users/show/" endpoint. This enables the injectio...