|
851
|
8.5 |
HIGH
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, a parsing difference between the urlparse and requests libraries led to an SSRF bypa…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-45400
|
2026-05-19 21:08 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
852
|
8.5 |
HIGH
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the validate_url() function in backend/open_webui/retrieval/web/utils.py only valida…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-45401
|
2026-05-19 21:07 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
853
|
8.8 |
HIGH
Network
|
huggingface
|
diffusers
|
Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trust_remote_code=True safeguard when loading pipelines from Hu…
|
CWE-94
Code Injection
|
CVE-2026-44827
|
2026-05-19 12:20 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
854
|
8.8 |
HIGH
Network
|
huggingface
|
diffusers
|
Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trust_remote_code bypass in DiffusionPipeline.from_pretrained allows arbitrary remote code execution despite the user p…
|
CWE-94
Code Injection
|
CVE-2026-44513
|
2026-05-19 12:18 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
855
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page…
|
CWE-416
Use After Free
|
CVE-2026-8551
|
2026-05-19 12:15 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
856
|
4.3 |
MEDIUM
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the _validate_collection_access function uses an incomplete allowlist that only enfo…
|
CWE-863
Incorrect Authorization
|
CVE-2026-44557
|
2026-05-19 12:13 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
857
|
7.1 |
HIGH
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forw…
|
CWE-284
CWE-862
Improper Access Control
Missing Authorization
|
CVE-2026-44556
|
2026-05-19 12:12 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
858
|
7.6 |
HIGH
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI supports model composition via base_model_id: a user-defined model (e.g.,…
|
CWE-862
Missing Authorization
|
CVE-2026-44555
|
2026-05-19 12:12 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
859
|
8.1 |
HIGH
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/retrieval/process/web endpoint accepts a user-supplied collection_n…
|
CWE-862
Missing Authorization
|
CVE-2026-44554
|
2026-05-19 12:12 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
860
|
5.0 |
MEDIUM
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, FolderForm uses model_config = ConfigDict(extra='allow'), which permits arbitrary fi…
|
CWE-862
Missing Authorization
|
CVE-2026-44550
|
2026-05-19 12:12 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
