CVE-2026-44565

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

EUVD-2026-30640

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

CVE-2026-44565 Open WebUI: Open WebUI Arbitrary File Write, Delete via Path Traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

EUVD-2021-1803

Malware in sbrugna...

One API 代码注入漏洞

One API is an LLM API management and distribution system for JustSong individual developers. A code injection vulnerability exists in One API version 0.6.10 and earlier, which stems from a cross-site scripting attack caused by the operation of the Homepage Content parameter in the System Settings...

OpenLLM 安全漏洞

OpenLLM is an open source LLM from BentoML Open Source. A security vulnerability exists in OpenLLM version 0.6.10 that stems from a failure to validate user input and could lead to a local file inclusion attack...

[SA20022] Avahi Denial of Service and Buffer Overflow Vulnerabilities

TITLE: Avahi Denial of Service and Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA20022 VERIFY ADVISORY: http://secunia.com/advisories/20022/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: From local network SOFTWARE: Avahi 0.x http://secunia.com/product/9784/ DESCRIPTION...