Total CVEs: 140,426

Critical Severity: 3,747

High Severity: 13,550

Last 7 Days: 1,486
Showing Year: 2026 (January 1 - December 31, 2026)
Showing 12,561 - 12,580 of 36,831 CVEs
CVE-2026-44559 MEDIUM - 4.3

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the GET /api/v1/channels/{id}/members endpoint only checks membership for group and dm channel types (lines 467-469). For standard channels, including private ones, there is no channe...

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-44557 MEDIUM - 4.3

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the _validate_collection_access function uses an incomplete allowlist that only enforces ownership checks for collections matching user-memory-* and file-* patterns. All other collectio...

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-44554 HIGH - 8.1

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/retrieval/process/web endpoint accepts a user-supplied collection_name and an overwrite query parameter (default: True). It performs no authorization check on whether t...

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-44558 MEDIUM - 5.4

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filter_allowed_access_grants on either create or update paths. A non-admin user who can create group channels (or who owns a channel) can submit arbitra...

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-44556 HIGH - 7.1

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While th...

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-44555 HIGH - 7.6

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI supports model composition via base_model_id: a user-defined model (e.g., "Cheap Assistant") can reference an existing base model (e.g., "gpt-4-turbo-restricte...

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-44552 HIGH - 8.7

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the tool_servers and terminal_servers keys in utils/tools.py do use a prefix. When two or more Open WebUI instances share a Redis database (a supported and documented deployment pattern...

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-44553 HIGH - 8.1

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSION_POOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin privilege...

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-44550 MEDIUM - 5.0

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, FolderForm uses model_config = ConfigDict(extra='allow'), which permits arbitrary fields to pass through Pydantic validation and be included in model_dump(exclude_unset=True)....

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-44551 CRITICAL - 9.1

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP authentication endpoint does not validate that the submitted password is non-empty before performing a Simple Bind against the LDAP server. The LdapForm Pydantic model accepts ...

Vendor: pip
Product: open-webui
Published: May 08, 2026
Source: GitHub

grav-plugin-admin is the admin plugin for Grav, an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.10.49.5, the application fails to properly validate and sanitize user input in the data[header][title] parameter. As a result, atta...

Vendor: composer
Product: getgrav/grav
Published: May 08, 2026
Source: GitHub
CVE-2026-44680 HIGH - 7.6

MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to @mikro-orm/knex 6.6.14 and @mikro-orm/sql 7.0.14, MikroORM's identifier-quoting helper (Platform.quoteIdentifier and the postgres/mssql overrides) and its JSON-path emitters (Platform...

Vendor: npm
Product: @mikro-orm/sql
Published: May 08, 2026
Source: GitHub
CVE-2026-8178 HIGH - 8.1

An issue exists in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes when processing JDBC connection URL parameters. An actor who can influence the connection URL could potentially execute code in the application contex...

Vendor: maven
Product: com.amazon.redshift:redshift-jdbc42
Published: May 08, 2026
Source: NVD
CVE-2026-29203 HIGH - 8.8

A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova pat...

Vendor: WebPros
Product: cPanel, cPanel (CentOS 6, CloudLinux 6), WP Squared
Published: May 08, 2026
Source: NVD
CVE-2026-29202 HIGH - 8.8

Insufficient input validation of the `plugin` parameter of the `create_user` plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user.

Vendor: WebPros
Product: cPanel, cPanel (CentOS 6, CloudLinux 6), WP Sqaured
Published: May 08, 2026
Source: NVD
CVE-2026-29201 MEDIUM - 4.3

Insufficient input validation of the feature file name in `feature::LOADFEATUREFILE` adminbin call can cause arbitrary file read when a relative file path is passed.

Vendor: WebPros
Product: cPanel, WP Squared, cPanel (CentOS 6, CloudLinux 6)
Published: May 08, 2026
Source: NVD
CVE-2026-44502 MEDIUM - 4.3

Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink's webhook URL validation could be (partially) bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python's urllib.parse.urlparse, then sent the request with requests.post. For malf...

Vendor: pip
Product: bugsink
Published: May 08, 2026
Source: GitHub

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the tooltip mouseover handler in app/src/block/popover.ts reads aria-label via getAttribute and passes it through decodeURIComponent before assigning to messageElement.innerHTML in app/src/dialog/tooltip.ts:41. The encode...

Vendor: go
Product: github.com/siyuan-note/siyuan/kernel
Published: May 08, 2026
Source: GitHub
CVE-2026-44721 HIGH - 7.3

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting (XSS) vulnerability that allows any authenticated user with model creation permission (workspace.models) to execute arbitrary JavaScript in the browser of ...

Vendor: npm
Product: open-webui
Published: May 08, 2026
Source: GitHub
CVE-2026-6659 HIGH - 7.5

Crypt::PasswdMD5 versions through 1.42 for Perl generate insecure random values for salts. The built-in rand function is predictable and unsuitable for cryptography.

Published: May 08, 2026
Source: NVD