Recent Advisories

Severity  Score  ID              Vendor      Product     Affected versions     Type

CRITICAL  9.3    CVE-2026-54257  electron    electron    >= 42.3.1, < 42.3.3   CVE
  Title:   Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow
  Summary: Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 42.3.1 until 42.3.3, Buffer performs i...

MEDIUM    5.3    CVE-2026-54022  open-webui  open-webui  < 0.8.11              CVE
  Title:   Open WebUI: Any authenticated user can read other users’ private notes via Socket.IO
  Summary: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the ydoc:document:join Socket.I...

MEDIUM    6.3    CVE-2026-54021  open-webui  open-webui  < 0.9.6               CVE
  Title:   Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter
  Summary: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed ...

MEDIUM    6.5    CVE-2026-54019  open-webui  open-webui  < 0.9.6               CVE
  Title:   Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode
  Summary: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI added collection-leve...

HIGH      7.7    CVE-2026-54018  open-webui  open-webui  < 0.9.6               CVE
  Title:   Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects
  Summary: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the SafePlaywrightURLLoader impl...

MEDIUM    4.3    CVE-2026-54016  open-webui  open-webui  < 0.9.6               CVE
  Title:   Open WebUI: Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration
  Summary: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object L...

MEDIUM    6.4    CVE-2026-54015  open-webui  open-webui  < 0.9.6               CVE
  Title:   Open WebUI: Prompt history IDOR: unbound history_id allows cross-prompt read and deletion
  Summary: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI's prompt version-hist...

MEDIUM    4.3    CVE-2026-54014  open-webui  open-webui  < 0.9.6               CVE
  Title:   Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} in open-webui/open-webui
  Summary: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability e...

HIGH      7.6    CVE-2026-54013  open-webui  open-webui  < 0.9.6               CVE
  Title:   Open WebUI: Stored XSS to Account Takeover via Model Profile Images in Open WebUI
  Summary: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in us...

HIGH      7.1    CVE-2026-54012  open-webui  open-webui  < 0.9.6               CVE
  Title:   Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion
  Summary: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets a user who can c...