Lucene search
K

2456 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-59217

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the file upload path accepted metadata.knowledgeid and auto-linked uploaded files to a target knowledge base without applying the write-access check used by /api/v1/knowledge//file/add, allowing...

4.3CVSS0.00272EPSS
Exploits1References4
NVD
NVD
added 4 days ago8 views

CVE-2026-59212

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, verifyknowledgefileaccess only checked read access while file write and delete routes later trusted object-derived access through writable model meta.knowledge entries, allowing a user...

5.4CVSS0.00308EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 4 days ago9 views

CVE-2026-59212

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, verifyknowledgefileaccess only checked read access while file write and delete routes later trusted object-derived access through writable model meta.knowledge entries, allowing a user...

5.4CVSS6AI score0.00308EPSS
Exploits1References5Affected Software1
CVE
CVE
added 4 days ago14 views

CVE-2026-59212

Open WebUI vulnerability CVE-2026-59212 affects the Open WebUI platform. From version 0.9.6 up to, but not including, 0.10.0, verify_knowledge_file_access only checked read access; write and delete routes were later trusted via writable model.meta.knowledge entries. This allowed a user with read-...

5.4CVSS6AI score0.00308EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42634

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, verifyknowledgefileaccess only checked read access while file write and delete routes later trusted object-derived access through writable model meta.knowledge entries, allowing a user...

5.4CVSS6AI score0.00308EPSS
Exploits1References4
Cvelist
Cvelist
added 4 days ago36 views

CVE-2026-59212 Open WebUI: Model meta.knowledge read-only file access can be upgraded to file write/delete

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, verifyknowledgefileaccess only checked read access while file write and delete routes later trusted object-derived access through writable model meta.knowledge entries, allowing a user...

5.4CVSS0.00308EPSS
Exploits1References4
CVE
CVE
added 4 days ago8 views

CVE-2026-59217

Open WebUI prior to version 0.10.0 allowed a metadata.knowledge_id value in file uploads to auto-link files to a knowledge base, bypassing the write-access check on /api/v1/knowledge//file/add. This enabled read-only knowledge-base users to add arbitrary files. The issue is fixed in version 0.10....

4.3CVSS6AI score0.00272EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-57027

Name of the Vulnerable Software and Affected Versions YesWiki versions prior to 4.6.6 Description An issue exists in the erasespamedcomments wiki action, located in actions/EraseSpamedCommentsAction.php, which allows unauthenticated users to permanently delete arbitrary wiki pages. The action...

9.1CVSS6.2AI score0.00052EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-55668 File Browser: ScopedFs follows a dangling symlink on write, letting a scoped user create files outside their scope

File Browser provides a web file managing interface. Prior to 2.63.16, ScopedFs validates the nearest existing ancestor of a dangling symlink as in scope and then follows the symlink during file creation, allowing an authenticated user with Create and Modify permissions to create...

6.3CVSS0.00269EPSS
Exploits0References3
NVD
NVD
added 6 days ago9 views

CVE-2026-14474

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS0.00348EPSS
Exploits0References2
EUVD
EUVD
added last week5 views

EUVD-2026-24994

install -D: symlink race in directory creation allows arbitrary file overwrite...

6.3CVSS6AI score0.00108EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/06 9:34 a.m.5 views

CVE-2026-56364

A Denial of Service DoS vulnerability exists in ImageMagick. An attacker with write access to the OpenCL cache directory can exhaust system memory and crash the application by placing a maliciously crafted file. Mitigation To mitigate this, restrict write access to the OpenCL cache directory to...

1.9CVSS6AI score0.00123EPSS
Exploits1References6
NVD
NVD
added 2026/07/03 9:16 p.m.5 views

CVE-2026-27775

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access...

8.8CVSS0.00523EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.6 views

CVE-2026-27775

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access...

5.9AI score0.00523EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.5 views

CVE-2026-26231

Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write...

8.5CVSS5.9AI score0.00291EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.35 views

CVE-2026-25718 Gitea template repository generation mishandles symlinked paths

Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths...

0.00428EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55603

Name of the Vulnerable Software and Affected Versions Gitea version 1.25.5 Description The software caches a branch-specific write-permission result across multiple refs during a single pre-receive hook session. This behavior allows a user with a per-branch maintainer-edit grant to reuse that...

8.8CVSS7.2AI score0.00523EPSS
Exploits0References9
NVD
NVD
added 2026/07/02 3:17 p.m.8 views

CVE-2026-54406

A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device...

8.7CVSS0.00325EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 2:49 p.m.33 views

CVE-2026-54406

A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device...

8.7CVSS0.00325EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.34 views

CVE-2026-54406

A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device...

8.7CVSS5.8AI score0.00325EPSS
Exploits0References2
Rows per page
Query Builder