
34 matches found

Positive Technologies
added 2026/05/14 12:0 a.m. | 7 views

PT-2026-41168

Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.3. Description: An issue exists where the audio transcription upload endpoint uses the file extension from a user-supplied filename to save files. The '/cache/path' route serves these files via FileResponse, whic...

8.7 CVSS | 5.9 AI score | 0.00006 EPSS
Exploits: 1 | References: 7
EUVD
added 2026/04/06 4:19 p.m. | 4 views

EUVD-2026-19362

The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1 to 0.5.0, FileService.downloadfromurl in app/services/fileservice.py calls requests.geturl with zero URL validation. The file extension check occurs AFTER the HTTP request is already made, and can be bypassed by...

5.8 CVSS | 5.9 AI score | 0.0005 EPSS
Exploits: 1 | References: 3
Positive Technologies
added 2026/04/06 12:0 a.m. | 2 views

PT-2026-30677

The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1 to 0.5.0, FileService.download from url in app/services/file service.py calls requests.geturl with zero URL validation. The file extension check occurs AFTER the HTTP request is already made, and can be bypassed by...

5.8 CVSS | 5.9 AI score | 0.0005 EPSS
Exploits: 1 | References: 4
RedhatCVE
added 2026/03/28 4:56 a.m. | 2 views

CVE-2026-28786

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message — including th...

4.3 CVSS | 5.9 AI score | 0.00037 EPSS
Exploits: 1 | References: 1
EUVD
added 2026/03/27 3:29 p.m. | 2 views

EUVD-2026-16480

Open WebUI vulnerable to Path Traversal in POST /api/v1/audio/transcriptions...

4.3 CVSS | 5.9 AI score | 0.00037 EPSS
Exploits: 1 | References: 3
NVD
added 2026/03/27 12:16 a.m. | 2 views

CVE-2026-28786

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message — including th...

4.3 CVSS | 0.00037 EPSS
Exploits: 1 | References: 1
CNNVD
added 2026/03/27 12:0 a.m. | 4 views

Open WebUI Security Vulnerability

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.6 contained security vulnerabilities; these vulnerabilities stemmed from the file name field in the speech-to-text endpoint, which could lead to information leakag...

4.3 CVSS | 5.8 AI score | 0.00037 EPSS
Exploits: 1 | References: 1
ATTACKERKB
added 2026/03/26 11:37 p.m. | 0 views

CVE-2026-28786

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message — including th...

4.3 CVSS | 5.8 AI score | 0.00037 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Positive Technologies
added 2026/03/26 12:0 a.m. | 2 views

PT-2026-28381

Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.8.6. Description: Open WebUI is a self-hosted artificial intelligence platform designed for offline operation. A flaw exists in the speech-to-text transcription endpoint where an unsanitized filename field allows a...

4.3 CVSS | 5.8 AI score | 0.00037 EPSS
Exploits: 1 | References: 6
Positive Technologies
added 2026/03/11 12:0 a.m. | 1 views

PT-2026-24699

Vociferous provides cross-platform, offline speech-to-text with local AI refinement. Prior to 4.4.2, the vulnerability exists in src/api/system.py within the export file route. The application accepts a JSON payload containing a filename and content. While the developer intended for a native UI...

10 CVSS | 5.9 AI score | 0.00146 EPSS
Exploits: 1 | References: 7
Spring Engineering
added 2024/12/05 12:0 a.m. | 9 views

Audio Multimodality: Expanding AI Interaction with Spring AI and OpenAI

This blog post is co-authored by our great contributor Thomas Vitale. OpenAI provides specialized models for speech-to-text and text-to-speech conversion, recognized for their performance and cost-efficiency. Spring AI integrates these capabilities via Voice-to-Text and Text-to-Speech (TTS). The ne...

7.1AI score
Exploits: 0
IBM Security Bulletins
added 2023/01/12 9:59 p.m. | 29 views

Security Bulletin: Speech to Text, Text to Speech ICP, WebSphere Application Server Liberty Fix

Summary: WebSphere Application Server Liberty vulnerability to Cross-site Scripting fixed in Liberty 20.0.0.5. Fix included in ICP WatsonTexttoSpeech and Speech to Text v1.1.2 GA: 6/19/20. Vulnerability Details: CVEID: CVE-2020-4303. DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3...

6.1 CVSS | 6 AI score | 0.0029 EPSS
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2023/01/12 9:59 p.m. | 27 views

Security Bulletin: ICP Speech to Text, Text to Speech Oracle Java Vulnerability Fix

Summary: An Oracle Java vulnerability has been fixed by a Redhat patch https://access.redhat.com/errata/RHSA-2020:0202, included in ICP Watson Text to Speech, Speech to Text v1.1.2 6/19/20. Vulnerability Details: CVEID: CVE-2020-2654. DESCRIPTION: An unspecified vulnerability in Java SE related to th...

3.7 CVSS | 5.6 AI score | 0.00339 EPSS
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2023/01/12 9:59 p.m. | 42 views

Security Bulletin: Information disclosure vulnerability in WebSphere Application Server affects IBM Watson Text to Speech and Speech to Text (IBM Watson™ Speech Services 1.1)

Summary: There is a potential information disclosure vulnerability, where a Stack is displayed in IBM WebSphere Application Server. Vulnerability Details: CVEID: CVE-2019-4441. DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain...

5.3 CVSS | 5.2 AI score | 0.00362 EPSS
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2023/01/12 9:59 p.m. | 23 views

Security Bulletin: Speech to Text, Text to Speech ICP, WebSphere Application Server Liberty Fix

Summary: A WebSphere Liberty vulnerability to a DOS has been fixed in Liberty 20.0.0.5. This fix is included in ICP WatsonTexttoSpeech, Speech to Text v1.1.2 6/19/20. Vulnerability Details: CVEID: CVE-2019-4720. DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a...

7.5 CVSS | 7.5 AI score | 0.00504 EPSS
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2023/01/12 9:59 p.m. | 23 views

Security Bulletin: Vulnerability in Apache Log4j may affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2021-4104)

Summary: A vulnerability in Apache Log4j (CVE-2021-4104) has been identified that may affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data. Several components of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data use Log4j to log diagnostic data unrelated to customer...

7.5 CVSS | 8.6 AI score | 0.72202 EPSS
Exploits: 9 | Affected Software: 1
Kitploit
added 2022/08/26 12:30 p.m. | 39 views

ReconPal - Leveraging NLP For Infosec

Recon is one of the most important phases that seem easy but takes a lot of effort and skill to do right. One needs to know about the right tools, correct queries/syntax, run those queries, correlate the information, and sanitize the output. All of this might be easy for a seasoned infosec/recon...

7.7AI score
Exploits: 0 | References: 6
The Hacker News
added 2021/01/05 10:40 a.m. | 1 views

Google Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA

A three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. Researcher Nikolai Tschacher disclosed his findings in a proof-of-concept (PoC) of the attack on January 2. "The idea of the attack is very simple...

5.7AI score
Exploits: 0
The Hacker News
added 2021/01/05 10:40 a.m. | 204 views

Google Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA

A three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. Researcher Nikolai Tschacher disclosed his findings in a proof-of-concept (PoC) of the attack on January 2. "The idea of the attack is very simple...

6.6AI score
Exploits: 0
ThreatPost
added 2021/01/04 9:45 p.m. | 45 views

Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API

An old attack method dating back to 2017 that uses voice-to-text to bypass CAPTCHA protections turns out to still work on Google’s latest reCAPTCHA v3. That’s according to researcher Nikolai Tschacher, who posted a video proof-of-concept (PoC) of the attack on Jan. 2. CAPTCHA, introduced in 2014, i...

7.2AI score
Exploits: 0 | References: 7