27 matches found
CVE-2026-45395
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been...
CVE-2026-45395
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been...
CVE-2026-45395 Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been...
CVE-2026-45395
Summary: CVE-2026-45395 (Open WebUI) is a missing authorization check on the tool update endpoint. Before 0.9.5, POST /api/v1/tools/id/{id}/update validates only a write-grant for the tool and does not enforce the workspace.tools permission, unlike the create endpoint which requires workspace.too...
CVE-2026-45395
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been...
CVE-2026-45395 Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been...
GHSA-P4FX-23FQ-JFG6 Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
Summary The tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been explicitly denied tool management capabilities and who the administrator considers untrusted for code...
NPM: Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
NPM: Open WebUI: Missing workspace.tools Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution vulnerability discovered by ? in WordPress Npm open-webui versions 0.9.5...
Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
Summary The tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been explicitly denied tool management capabilities and who the administrator considers untrusted for code...
PT-2026-41190
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description A missing authorization check in the tool update endpoint "POST /api/v1/tools/id/id/update" allows users to bypass the workspace.tools security boundary. While the tool creation endpoint correctly...
EUVD-2022-2532
Malicious code in bioql PyPI...
Command Injection
workspace-tools is vulnerable to command Injection. The vulnerability exists in fetchRemoteBranch function in git.ts due to lack of sanitization in flagging inputs which allows a malicious attacker to inject and execute arbitrary code...
@fluentui/bundle-size (>=1.1.3 <=1.1.6), @georgs/beachball (=2.22.0) +17 more potentially affected by CVE-2022-25865 via workspace-tools (>=0.10.3 <=0.16.2)
workspace-tools NPM version =0.10.3, =1.1.3, =0.0.2, =0.0.2, =1.3.0, =0.1.1, =1.2.0, =1.0.3, =0.1.2, =6.1.2, =1.48.2, =0.3.0, =1.0.0, =0.13.0, =1.0.1 and more Source cves: CVE-2022-25865 Source advisory: OSV:GHSA-5875-M6JQ-VF78...
Command injection in workspace-tools
The package workspace-tools before 0.18.4 is vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranchremote: string, remoteBranch: string, cwd: string function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that...
GHSA-5875-M6JQ-VF78 Command injection in workspace-tools
The package workspace-tools before 0.18.4 is vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranchremote: string, remoteBranch: string, cwd: string function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that...
CVE-2022-25865
The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranchremote: string, remoteBranch: string, cwd: string function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that...
Command injection
The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranchremote: string, remoteBranch: string, cwd: string function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that...
CVE-2022-25865
The vulnerability affects the package workspace-tools prior to 0.18.4. The issue resides in the function fetchRemoteBranch(remote, remoteBranch, cwd) where both the remote and remoteBranch arguments are passed to the git fetch subcommand in a way that allows additional flags to be set, enabling a...
CVE-2022-25865
The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranchremote: string, remoteBranch: string, cwd: string function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that...
Microsoft workspace-tools 参数注入漏洞
Microsoft workspace-tools is an open source JS Monorepo workspace tool from Microsoft Corporation USA. A parameter injection vulnerability exists in versions of Microsoft workspace-tools prior to 0.18.4, which can be exploited by an attacker to conduct a command injection attack...