CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2832 matches found

Open WebUI < 0.9.5 - Information Disclosure

Open WebUI 0.9.5 contains an information disclosure vulnerability caused by unauthenticated access to GET /api/v1/retrieval/ endpoint, letting remote attackers retrieve live RAG pipeline configuration without authorization, exploit requires no authentication. id: CVE-2026-45397 info: name: Open...

5.3CVSS5.5AI score0.01075EPSS

Exploits1References3

Nuclei•added 10 hours ago•6 views

Open WebUI 'LDAP Empty Password' - Authentication Bypass

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP authentication endpoint does not validate that the submitted password is non-empty before performing a Simple Bind against the LDAP server. The LdapForm Pydantic model accep...

9.1CVSS5.5AI score0.02638EPSS

Exploits1References2

Nuclei•added 10 hours ago•32 views

Aria2 WebUI - Path traversal

webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability. id: CVE-2023-39141 info: name: Aria2 WebUI - Path traversal author: DhiyaneshDk severity: high description: | webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability. impact: | An attacker...

7.5CVSS7.2AI score0.85587EPSS

Exploits1References5

Nuclei•added 10 hours ago•9 views

LoLLMS WebUI < 9.8 - Path Traversal

parisneo/lollms-webui contains a path traversal caused by improper handling of 'category' parameter in /listpersonalities endpoint, letting attackers list arbitrary directories, exploit requires control over 'category' parameter. id: CVE-2024-4322 info: name: LoLLMS WebUI 9.8 - Path Traversal...

7.5CVSS7.3AI score0.45155EPSS

Exploits1References2

Nuclei•added 10 hours ago•30 views

Stable Diffusion Webui 1.10.0 - Open Redirect

An open redirect vulnerability exists in Stable-Diffusion-Webui 1.10.0, where the file parameter in the /file= endpoint can be manipulated to redirect users to malicious websites. This could facilitate phishing attacks by tricking users into visiting attacker-controlled URLs. id: CVE-2024-11044...

6.1CVSS6.2AI score0.01047EPSS

Exploits1References1

Nuclei•added 10 hours ago•40 views

LoLLMS WebUI - Subfolder Prediction via Path Traversal

A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'addreferencetolocalmode' function due to the lack of input sanitization. This vulnerability affects versions v9.6 to the latest. id: CVE-2024-4841 info: name: LoLLMS WebUI - Subfolder Prediction via Path...

4CVSS5.4AI score0.08457EPSS

Exploits1

Nuclei•added yesterday•23 views

Loytec LGATE-902 <6.4.2 - Local File Inclusion

Loytec LGATE-902 versions prior to 6.4.2 suffers from a local file inclusion vulnerability. id: CVE-2018-14916 info: name: Loytec LGATE-902 6.4.2 - Local File Inclusion author: 0xAkoko severity: critical description: Loytec LGATE-902 versions prior to 6.4.2 suffers from a local file inclusion...

9.4CVSS7.8AI score0.67293EPSS

Exploits3References5

Nuclei•added yesterday•11 views

LoLLMs WEBUI - Server-Side Request Forgery

LoLLMs WEBUI contains a server-side request forgery caused by unauthenticated access to the /api/proxy endpoint, letting attackers force the server to make arbitrary GET requests, exploit requires no authentication. id: CVE-2026-33340 info: name: LoLLMs WEBUI - Server-Side Request Forgery author:...

9.1CVSS5.5AI score0.12355EPSS

Exploits3References2

Nuclei•added yesterday•14 views

LOLLMS WebUI - Absolute Path Traversal

An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the openfile endpoint of lollmsadvanced.py. The sanitizepath function with allowabsolutepath=True allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability can...

7.5CVSS7.3AI score0.11253EPSS

Exploits1References3

RedhatCVE•added yesterday•6 views

CVE-2026-11322

Hermes WebUI prior to v0.51.221 contains a path traversal vulnerability that allows attackers to escape the workspace boundary by supplying symlinks that resolve to files or directories outside the designated workspace root. Attackers can exploit the workspace file and listing APIs, which resolve...

7.1CVSS5.4AI score0.00041EPSS

Exploits0References1

RedhatCVE•added 2 days ago•5 views

CVE-2025-41269

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...

9.8CVSS6AI score0.00368EPSS

Exploits0References1

RedhatCVE•added 2 days ago•3 views

CVE-2025-41274

9.8CVSS6AI score0.00368EPSS

Exploits0References1

RedhatCVE•added 2 days ago•4 views

CVE-2025-41276

9.8CVSS6AI score0.00368EPSS

Exploits0References1

RedhatCVE•added 2 days ago•5 views

CVE-2025-41267

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Administration WebUI in Waterfall WF-500 TX Host in version 7.9.1.0 R2502171040 that allows remote authenticated attackers to execute arbitrary operating syste...

8.5CVSS6AI score0.00306EPSS

Exploits0References1

RedhatCVE•added 2 days ago•5 views

CVE-2025-41270

9.8CVSS6AI score0.00368EPSS

Exploits0References1

RedhatCVE•added 2 days ago•4 views

CVE-2025-41268

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Administration WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to delete arbitrary files on the Host machines...

9.1CVSS5.7AI score0.01102EPSS

Exploits0References1

RedhatCVE•added 2 days ago•6 views

CVE-2025-41277

9.8CVSS6AI score0.00368EPSS

Exploits0References1

RedhatCVE•added 2 days ago•6 views

CVE-2025-41265

8.6CVSS6AI score0.00306EPSS

Exploits0References1

RedhatCVE•added 2 days ago•4 views

CVE-2025-41266