Lucene search
+L

4 matches found

Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.7 views

PT-2026-56887

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.10.0 Description In the backend/open webui/routers/terminals.py file, the ws terminal upstream URL is constructed using an unencoded session id and appends user id as a query parameter. This allows for query...

8CVSS6.1AI score0.00286EPSS
Exploits0References9
NVD
NVD
added 2026/07/03 11:16 a.m.11 views

CVE-2026-10054

In affected versions of Eclipse Theia 1.8.1 and later, the browser backend exposes privileged terminal RPC over WebSocket /services/shell-terminal, /services/terminals/:id without service-level authentication. WebSocket origin validation in @theia/core is fail-open: connections are accepted when...

8.8CVSS0.00159EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/23 7:58 p.m.8 views

CVE-2026-39987

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSock...

9.8CVSS7.6AI score0.95645EPSS
Exploits11References1
Cvelist
Cvelist
added 2026/04/09 5:16 p.m.56 views

CVE-2026-39987 marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSock...

9.3CVSS0.95645EPSS
Exploits11References3
Rows per page
Query Builder