|
2171
|
7.3 |
HIGH
Network
|
-
|
-
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when attaching files to a promp, the name of the file is derived from the original…
|
CWE-22
CWE-434
Path Traversal
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-44566
|
2026-05-19 23:16 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2172
|
5.4 |
MEDIUM
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filter_allowed_access_grants on either create or up…
|
CWE-862
Missing Authorization
|
CVE-2026-44558
|
2026-05-19 23:16 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2173
|
8.1 |
HIGH
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSION_POOL to discon…
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-44553
|
2026-05-19 23:16 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2174
|
5.3 |
MEDIUM
Network
|
-
|
-
|
An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2026-36438
|
2026-05-19 23:16 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2175
|
9.1 |
CRITICAL
Network
|
freertos
|
coremqtt
|
Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet.
To remediate this issue, users s…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-8686
|
2026-05-19 23:01 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2176
|
9.8 |
CRITICAL
Network
|
lmsys
|
sglang
|
SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the intern…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-7301
|
2026-05-19 22:49 |
2026-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2177
|
9.1 |
CRITICAL
Network
|
lmsys
|
sglang
|
SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by …
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2026-7302
|
2026-05-19 22:43 |
2026-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2178
|
9.8 |
CRITICAL
Network
|
lmsys
|
sglang
|
SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads() will…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-7304
|
2026-05-19 22:38 |
2026-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2179
|
7.0 |
HIGH
Local
|
vim
|
vim
|
Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in
runtime/autoload/tar.vim when decompressing .tgz archives on Unix-lik…
|
CWE-78
CWE-88
OS Command
Argument Injection
|
CVE-2026-46483
|
2026-05-19 21:27 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2180
|
5.8 |
MEDIUM
Network
|
traefik
|
traefik
|
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure vulnerability in Traefik's errors (custom error pages) middleware. Whe…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-41181
|
2026-05-19 21:24 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
