HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.6	CVE-2026-54013	Open WebUI: Stored XSS to Account Takeover via Model Profile Images in Open WebUI_CVE-2026-54013 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in us...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
HIGH 7.1	CVE-2026-54012	Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion_CVE-2026-54012 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets a user who can c...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
HIGH 8.7	CVE-2026-54011	Open WebUI: Stored XSS in Mermaid Markdown Preview_CVE-2026-54011 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders Mermaid blocks...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
HIGH 8.3	CVE-2026-54010	Open WebUI: Forged chat-file link allows cross-user file read and deletion_CVE-2026-54010 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets an authenticated...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
HIGH 8.5	CVE-2026-54008	Open WebUI: Redirect-Bypass SSRF in OAuth `_process_picture_url`_CVE-2026-54008 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, backend/open_webui/utils/oauth.p...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
HIGH 7.1	CVE-2026-54007	Open WebUI: Cross-origin postMessage confirmation bypass via action:submit_CVE-2026-54007 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message listener allows...	open-webui	open-webui < 0.9.6	Jun 23, 2026	CVE
HIGH 7.4	CVE-2026-49440	Deno: Miller-Rabin Primality Test Allows Zero Rounds_CVE-2026-49440 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, node:crypto.checkPrime(candidate[, options][, callback]) and crypto.chec...	denoland	deno < 2.8.1	Jun 23, 2026	CVE
HIGH 8.1	CVE-2026-49402	Deno: Command Injection via spawnSync & spawn on Windows_CVE-2026-49402 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.10, Deno's node:child_process implementation provided an escapeShellArg() h...	denoland	deno < 2.7.10	Jun 23, 2026	CVE
HIGH 7.3	CVE-2026-49401	Deno Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)_CVE-2026-49401 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions...	denoland	deno < 2.7.14	Jun 23, 2026	CVE
HIGH 7.4	CVE-2026-44726	Deno: TLS retry copies stale upgrade hook, risking plaintext traffic_CVE-2026-44726 Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.0.0 until 2.7.8, a flaw in Deno's Node.js tls compatibility layer could cause a T...	denoland	deno >= 2.0.0, < 2.7.8	Jun 23, 2026	CVE