Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.11 views

PT-2026-42619

Summary mcp-server-kubernetes exposes three environment variables ALLOW ONLY READONLY TOOLS, ALLOW ONLY NON DESTRUCTIVE TOOLS, ALLOWED TOOLS documented as access controls for restricting which Kubernetes operations are available. These controls are enforced at the tool discovery layer tools/list...

8.8CVSS6AI score
Exploits0References3
CVE
CVE
added 2026/05/15 9:23 p.m.30 views

CVE-2026-45350

Open WebUI (self-hosted AI platform) has a vulnerability in the chat_completion API prior to version 0.8.6 where user-supplied tool_ids/tool_servers are used to build a tools_dict without permission checks. This allows invoking any server tool using the server’s credentials, bypassing tool restri...

7.1CVSS5.8AI score0.0026EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/15 9:23 p.m.10 views

CVE-2026-45350 Open WebUI: Chat completion API allows tool restrictions to be bypassed

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. In the chatcompletion API, t...

7.1CVSS5.8AI score0.0026EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 9:23 p.m.7 views

CVE-2026-45350

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. In the chatcompletion API, t...

7.1CVSS5.8AI score0.0026EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/15 9:23 p.m.72 views

CVE-2026-45350 Open WebUI: Chat completion API allows tool restrictions to be bypassed

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. In the chatcompletion API, t...

7.1CVSS0.0026EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/05/14 8:24 p.m.9 views

Open WebUI's chat completion API allows tool restrictions to be bypassed

Summary Open WebUI v0.6.43 contains a vulnerability in its chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. Details In the chatcompletion API, the parameters toolids and toolservers are supplied by the user. These...

7.1CVSS5.7AI score0.0026EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/05/11 6:31 p.m.21 views

EUVD-2026-29143

OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent configured tool restrictions. Attackers with local agent access can append restricted tools to the effective tool set after policy filtering, bypassing profile policies, allow/de...

5.4CVSS5.8AI score0.00706EPSS
Exploits0References4
Rows per page
Query Builder