Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
21632
Total
1549
Critical
6586
High
6915
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-54016 | MEDIUM | 4.3 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object Level Authorization (BOLA) … | Jun 23, 2026 |
| CVE-2026-54015 | MEDIUM | 6.4 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI's prompt version-history endpoints authorize the prompt_id in … | Jun 23, 2026 |
| CVE-2026-54014 | MEDIUM | 4.3 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file … | Jun 23, 2026 |
| CVE-2026-54013 | HIGH | 7.6 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images … | Jun 23, 2026 |
| CVE-2026-54012 | HIGH | 7.1 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets a user who can create, update, … | Jun 23, 2026 |
| CVE-2026-54011 | HIGH | 8.7 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders Mermaid blocks from Markdown files in the … | Jun 23, 2026 |
| CVE-2026-54010 | HIGH | 8.3 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets an authenticated user attach arbitrary file_id … | Jun 23, 2026 |
| CVE-2026-54009 | MEDIUM | 6.5 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/chat/completions accepts an image_url.url value that, when it … | Jun 23, 2026 |
| CVE-2026-54008 | HIGH | 8.5 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, backend/open_webui/utils/oauth.py::_process_picture_url calls validate_url(picture_url) on the initial URL only, then … | Jun 23, 2026 |
| CVE-2026-54007 | UNKNOWN | — | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message listener allows non-same-origin input:prompt and action:submit … | Jun 23, 2026 |
| CVE-2026-54006 | MEDIUM | 4.3 | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/v1/calendars/events/{event_id}/update validates that the caller has write access … | Jun 23, 2026 |
| CVE-2026-53662 | CRITICAL | 9.6 | immich is a high performance self-hosted photo and video management solution. From commit 4ffa26c9 until 4eb1003, a reflected cross-site scripting (XSS) vulnerability on the /auth/login … | Jun 23, 2026 |
| CVE-2026-52846 | MEDIUM | 4.2 | Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, Caddy’s stripHTML template function cannot reliably remove all HTML tags from … | Jun 23, 2026 |
| CVE-2026-52845 | HIGH | 8.1 | Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forward_auth copy_headers deletes the exact client-supplied identity header before copying the … | Jun 23, 2026 |
| CVE-2026-52844 | HIGH | 7.5 | Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, on Windows, Caddy path matchers treat /private\secret.txt as outside /private/*, but … | Jun 23, 2026 |
| CVE-2026-50221 | UNKNOWN | — | In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers (X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device) from client requests before forwarding them to object-servers. An … | Jun 23, 2026 |
| CVE-2026-49983 | MEDIUM | 5.2 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, environment access is gated by the env permission. You can deny it with --deny-env, … | Jun 23, 2026 |
| CVE-2026-49860 | MEDIUM | 5.2 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hostname against --deny-net rules … | Jun 23, 2026 |
| CVE-2026-49859 | MEDIUM | 5.2 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when fetch() was called, Deno checked the destination hostname against --deny-net rules but did … | Jun 23, 2026 |
| CVE-2026-49440 | HIGH | 7.4 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, node:crypto.checkPrime(candidate[, options][, callback]) and crypto.checkPrimeSync(candidate[, options]) ran no Miller-Rabin rounds at all when the … | Jun 23, 2026 |
| CVE-2026-49411 | MEDIUM | 6.5 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.0, the Node.js compatibility TCP path checked the permission against the original hostname string before … | Jun 23, 2026 |
| CVE-2026-49406 | MEDIUM | 5.5 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.12, when Deno was run in BYONM mode (nodeModulesDir: "manual"), the module resolver did not … | Jun 23, 2026 |
| CVE-2026-49402 | HIGH | 8.1 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.10, Deno's node:child_process implementation provided an escapeShellArg() helper used when callers passed shell: true to … | Jun 23, 2026 |
| CVE-2026-49401 | HIGH | 7.3 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions by comparing the requested path against … | Jun 23, 2026 |
| CVE-2026-45692 | MEDIUM | 5.4 | Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not … | Jun 23, 2026 |