MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.3	CVE-2026-54016	Open WebUI: Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration_CVE-2026-54016 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object L...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
MEDIUM 6.4	CVE-2026-54015	Open WebUI: Prompt history IDOR: unbound history_id allows cross-prompt read and deletion_CVE-2026-54015 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI's prompt version-hist...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
MEDIUM 4.3	CVE-2026-54014	Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} in open-webui/open-webui_CVE-2026-54014 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability e...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
MEDIUM 6.5	CVE-2026-54009	Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field_CVE-2026-54009 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/chat/completions accep...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
MEDIUM 4.3	CVE-2026-54006	Open WebUI: Calendar event re-parenting allows writing events into another user’s calendar_CVE-2026-54006 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/v1/calendars/events/{e...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
MEDIUM 5.3	CVE-2026-50221	CVE-2026-50221_CVE-2026-50221 In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers (X-Container-Host, X-Container-Device, X-Delete-At-Host, X-De...	OpenStack	Swift 2.0.0	Jun 23, 2026	CVE
MEDIUM 5.2	CVE-2026-49983	Deno: process.loadEnvFile() bypasses env permission checks and mutates process.env with only read access_CVE-2026-49983 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, environment access is gated by the env permission. You can deny it with ...	denoland	deno < 2.8.1	Jun 23, 2026	CVE
MEDIUM 5.2	CVE-2026-49860	Deno: WebSocket API sandbox bypass via missing post-DNS check_CVE-2026-49860 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hos...	denoland	deno < 2.8.1	Jun 23, 2026	CVE
MEDIUM 5.2	CVE-2026-49859	Deno: `fetch()` API sandbox bypass via missing DNS resolution check_CVE-2026-49859 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when fetch() was called, Deno checked the destination hostname against -...	denoland	deno < 2.8.1	Jun 23, 2026	CVE
MEDIUM 6.5	CVE-2026-49411	Deno Node TCPWrap numeric hostname aliases bypass –deny-net resolved-IP deny checks_CVE-2026-49411 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.0, the Node.js compatibility TCP path checked the permission against the or...	denoland	deno < 2.8.0	Jun 23, 2026	CVE