Lucene search
K

4976 matches found

OSV
OSV
added 2026/06/27 12:0 a.m.4 views

OPENSUSE-SU-2026:11128-1 agama-web-ui-22+143.ee15dea20-46.1 on GA media

These are all security issues fixed in the agama-web-ui-22+143.ee15dea20-46.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 8:34 p.m.14 views

EUVD-2026-37516

Backpropagate: backprop ui --auth and backprop ui --share do not enforce authentication...

9.3CVSS5.8AI score0.00324EPSS
Exploits0References3
Chainguard
Chainguard
added 2026/06/26 8:23 p.m.11 views

GHSA-JM82-FX9C-MX94 vulnerabilities

Vulnerabilities for packages: nemo, open-webui...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

CVE-2026-54531 vulnerabilities

Vulnerabilities for packages: open-webui...

6.9CVSS5.8AI score0.00123EPSS
Exploits0
OSV
OSV
added 2026/06/25 10:34 p.m.3 views

GO-2026-5632 Pelican Web UI Affected by a Privilege Escalation Attack in github.com/pelicanplatform/pelican

Pelican Web UI Affected by a Privilege Escalation Attack in github.com/pelicanplatform/pelican...

9CVSS5.8AI score0.0032EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.4 views

Oracle Linux 9 : pcs (ELSA-2026-19167)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19167 advisory. 0.11.11-2.el98.1 - Fixed CVE-2026-4800 by updating pcs-web-ui to 0.1.24.3 Resolves: RHEL-164206 Tenable has extracted the preceding description block directly...

9.8CVSS6.9AI score0.01735EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 6:18 p.m.8 views

CVE-2026-54014

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache...

4.3CVSS0.00244EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/23 4:45 p.m.41 views

CVE-2026-54014 Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} in open-webui/open-webui

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache...

4.3CVSS0.00244EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/22 2:9 p.m.29 views

CVE-2026-11372 IBM TRIRIGA Cross-Site Scripting Vulnerability

IBM TRIRIGA Application Platform 5.0.2 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS0.00165EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/18 9:9 p.m.31 views

CVE-2026-54017 Open WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the terminal-server reverse proxy in backend/openwebui/routers/terminals.py does not fully confine the user-controlled path segment before forwarding it to an admin-configured termin...

7.7CVSS0.00349EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.12 views

Cisco Catalyst SD-WAN Manager Arbitrary File Write (cisco-sa-sdwan-arbfw-c2rZvQ)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem o...

6.5CVSS6.2AI score0.07683EPSS
Exploits2References3
Wolfi
Wolfi
added 2026/06/15 8:35 p.m.10 views

GHSA-CJ93-CHG6-VGV8 vulnerabilities

Vulnerabilities for packages: open-webui...

5.2AI score
Exploits0
Wolfi
Wolfi
added 2026/06/15 8:35 p.m.8 views

GHSA-248M-82V9-Q6G6 vulnerabilities

Vulnerabilities for packages: open-webui...

5.2AI score
Exploits0
OSV
OSV
added 2026/06/12 6:30 p.m.19 views

GHSA-6VGG-XHVH-38FF nebula-mesh: POST /api/v1/hosts/{id}/mobile-bundle response lacks Cache-Control: no-store

internal/api/mobilebundle.go:62-66 sets only Content-Type: application/yaml. The Web-UI sibling at internal/web/handlers.go:1316-1321 sets Cache-Control: no-store, Pragma: no-cache, Expires: 0, X-Content-Type-Options: nosniff — and has a test asserting it. The API path was missed. Affected All...

2.3CVSS5.4AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/12 6:30 p.m.26 views

nebula-mesh: POST /api/v1/hosts/{id}/mobile-bundle response lacks Cache-Control: no-store

internal/api/mobilebundle.go:62-66 sets only Content-Type: application/yaml. The Web-UI sibling at internal/web/handlers.go:1316-1321 sets Cache-Control: no-store, Pragma: no-cache, Expires: 0, X-Content-Type-Options: nosniff — and has a test asserting it. The API path was missed. Affected All...

5.3AI score
Exploits0References3Affected Software1
Circl
Circl
added 2026/06/11 7:14 p.m.9 views

CVE-2026-54022

creationtimestamp| type| source ---|---|--- 2026-06-11 19:14:16+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-8788-j68r-3cgh...

5.3CVSS5AI score0.00268EPSS
Exploits1References1
Circl
Circl
added 2026/06/11 7:9 p.m.10 views

CVE-2026-54019

creationtimestamp| type| source ---|---|--- 2026-06-11 19:09:52+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-p5cp-r7rg-qpxc...

6.5CVSS5AI score0.00281EPSS
Exploits1References1
Circl
Circl
added 2026/06/11 7:6 p.m.7 views

CVE-2026-54016

creationtimestamp| type| source ---|---|--- 2026-06-11 19:06:16+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-cx9v-4qj2-jrw6...

4.3CVSS5AI score0.00226EPSS
Exploits1References1
Circl
Circl
added 2026/06/11 7:5 p.m.10 views

CVE-2026-54015

creationtimestamp| type| source ---|---|--- 2026-06-11 19:05:34+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-4r4w-2wgp-w7cj...

6.4CVSS5AI score0.00169EPSS
Exploits1References1
Circl
Circl
added 2026/06/11 7:4 p.m.7 views

CVE-2026-54014

creationtimestamp| type| source ---|---|--- 2026-06-11 19:04:46+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-j2c8-v969-8r5c...

4.3CVSS5AI score0.00244EPSS
Exploits1References1
Rows per page
Query Builder