Lucene search
K

99 matches found

CVE
CVE
added 5 days ago11 views

CVE-2026-59216

Open WebUI prior to 0.10.0 is vulnerable to cross-user code execution via unvalidated Socket.IO event-caller session_id. The get_event_call path delivers execute:python and execute:tool events to a client-supplied session_id after only confirming the session is connected, enabling an attacker who...

9CVSS6AI score0.00276EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-59219

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0 with Redis configured, Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket first-message authentication used decodetoken without the Redis-backed...

7.1CVSS5.9AI score0.00259EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-42623

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.16 before 0.10.0, the Socket.IO server is configured with alwaysconnect=True. The ydoc:awareness:update and ydoc:document:leave Socket.IO handlers accepted collaborative-document events without requirin...

3.1CVSS5.9AI score0.00222EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-56832

Name of the Vulnerable Software and Affected Versions Open WebUI versions 0.6.16 through 0.9.x Description The Socket.IO server is configured with always connect=True, which allows the ydoc:awareness:update and ydoc:document:leave Socket.IO handlers to accept collaborative-document events without...

6.5CVSS6.1AI score0.00222EPSS
Exploits1References8
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42373

Midscene Bridge Server through 1.10.3, fixed in commit 86f4118, contains a missing authentication and CORS misconfiguration vulnerability that allows unauthenticated remote attackers to hijack active bridge sessions by opening a cross-origin WebSocket connection to the local Socket.IO server, whi...

7.6CVSS6AI score0.00213EPSS
Exploits0References4
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-59725 Socket.IO: Engine.IO Polling Transport Connection Exhaustion

Socket.IO enables bidirectional and low-latency communication for every platform. From 4.1.0 before 6.6.7, Engine.IO protocol v4 polling transport does not properly close the HTTP response for invalid binary POST requests with Content-Type: application/octet-stream, allowing an unauthenticated...

7.5CVSS0.00354EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-42313

Socket.IO enables bidirectional and low-latency communication for every platform. From 4.1.0 before 6.6.7, Engine.IO protocol v4 polling transport does not properly close the HTTP response for invalid binary POST requests with Content-Type: application/octet-stream, allowing an unauthenticated...

7.5CVSS6AI score0.00354EPSS
Exploits0References3
CVE
CVE
added 6 days ago7 views

CVE-2026-59725

CVE-2026-59725 affects Socket.IO’s Engine.IO polling transport (versions 4.1.0–6.6.6). The root cause is that invalid binary POST requests with Content-Type: application/octet-stream are not properly closing the HTTP response, enabling unauthenticated attackers to exhaust server-side connections ...

7.5CVSS6AI score0.00354EPSS
Exploits0References3Affected Software1
CVE
CVE
added 6 days ago10 views

CVE-2026-59724

Socket.IO’s Engine.IO component is affected in versions 6.5.0–6.6.6 when WebTransport is enabled. During a WebTransport upgrade, processing a crafted session ID such as proto on an inherited property of the clients object can trigger a TypeError, leading to a denial of service. The issue has been...

7.5CVSS5.9AI score0.00339EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-42312

Socket.IO enables bidirectional and low-latency communication for every platform. From 6.5.0 before 6.6.7, Engine.IO servers with WebTransport enabled can resolve a crafted session ID such as proto through an inherited property of the clients object during WebTransport upgrade handling, causing a...

7.5CVSS5.9AI score0.00339EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-56487

Name of the Vulnerable Software and Affected Versions Socket.IO versions 6.5.0 through 6.6.6 Description Engine.IO servers with WebTransport enabled are susceptible to a denial of service. During WebTransport upgrade handling, the server can resolve a crafted session ID, such as proto , through a...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References10
CVE
CVE
added 2026/06/23 4:38 p.m.26 views

CVE-2026-54022

Summary (grounded in provided sources): Open WebUI prior to version 0.8.11 has a logic bug in the ydoc:document:join handler: authorization is only enforced for document IDs starting with the prefix note:. The YdocManager stores documents using a normalized key where colons are replaced with unde...

5.3CVSS5.9AI score0.00268EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/23 4:38 p.m.42 views

CVE-2026-54022 Open WebUI: Any authenticated user can read other users' private notes via Socket.IO

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the ydoc:document:join Socket.IO handler checks note ownership only when the documentid starts with note: colon. However, the YdocManager storage layer normalizes all document IDs b...

5.3CVSS0.00268EPSS
Exploits1References1
OSV
OSV
added 2026/06/23 4:38 p.m.4 views

CVE-2026-54022 Open WebUI: Any authenticated user can read other users' private notes via Socket.IO

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the ydoc:document:join Socket.IO handler checks note ownership only when the documentid starts with note: colon. However, the YdocManager storage layer normalizes all document IDs b...

5.3CVSS6AI score0.00268EPSS
Exploits1References3
OSV
OSV
added 2026/06/08 11:6 p.m.11 views

GHSA-W86F-RF9W-H3X6 FUXA: Unauthenticated SSRF via Socket.IO DEVICE_WEBAPI_REQUEST and DEVICE_PROPERTY with response reading

Summary An unauthenticated attacker Alice connects to FUXA's Socket.IO endpoint and emits a device-webapi-request event whose property.address field names an arbitrary URL. FUXA's DEVICEWEBAPIREQUEST handler at server/runtime/index.js:296 calls axios.getaddress server-side and broadcasts the full...

8.2CVSS5.7AI score0.00101EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.9 views

CVE-2026-44564

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:document:update Socket.IO event handler checks whether the sender is a member of the document's Socket.IO room line 678 but does not verify that the sender has write...

5.4CVSS5.5AI score0.0022EPSS
Exploits1References1
OSV
OSV
added 2026/06/04 8:57 p.m.7 views

ROOT-APP-NPM-CVE-2023-32695 CVE-2023-32695 in @rootio/socket.io-parser - Patched by Root

Root has patched CVE-2023-32695 in the @rootio/socket.io-parser package for Root:npm. Multiple fixed versions available...

7.5CVSS5.4AI score0.01059EPSS
Exploits0
NVD
NVD
added 2026/05/15 8:16 p.m.16 views

CVE-2026-44564

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:document:update Socket.IO event handler checks whether the sender is a member of the document's Socket.IO room line 678 but does not verify that the sender has write...

5.4CVSS0.0022EPSS
Exploits1References1
NVD
NVD
added 2026/05/15 8:16 p.m.34 views

CVE-2026-44553

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

8.1CVSS0.00284EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:54 p.m.7 views

CVE-2026-44553

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

8.1CVSS5.8AI score0.00284EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder