Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Server-side Request Forgery (SSRF)CVE-2026-45338
Affects open-webui | Versions [0.6.8,0.9.0)
Has fix
pipPublished 18 May 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-45401
Affects open-webui | Versions [,0.9.5)
Has fix
pipPublished 18 May 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-45331
Affects open-webui | Versions [0.3.31, 0.9.0)
Has fix
pipPublished 18 May 2026
  • M
Cross-site Scripting (XSS)CVE-2026-45346
Affects open-webui | Versions [0.3.31,0.6.31)
Has fix
pipPublished 18 May 2026
  • H
Incorrect AuthorizationCVE-2026-45395
Affects open-webui | Versions [0.3.6,0.9.5)
Has fix
pipPublished 18 May 2026
  • M
Improper Validation of Specified Quantity in Input
Affects oxidize-pdf | Versions [,0.5.0)
Has fix
pipPublished 18 May 2026
  • H
Directory TraversalCVE-2026-45017
Affects python-liquid | Versions [,2.2.0)
Has fix
pipPublished 18 May 2026
  • M
Improper Encoding or Escaping of OutputCVE-2026-44972
Affects guarddog | Versions [2.6.0,)
Has fix
pipPublished 18 May 2026
  • H
Incorrect AuthorizationCVE-2026-45339
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 18 May 2026
  • L
Insertion of Sensitive Information Into Sent DataCVE-2026-44970
Affects dbt-mcp | Versions [,1.17.1)
Has fix
pipPublished 18 May 2026
  • L
Insertion of Sensitive Information into Log FileCVE-2026-44969
Affects dbt-mcp | Versions [,1.17.1)
Has fix
pipPublished 18 May 2026
  • H
Arbitrary Argument InjectionCVE-2026-44968
Affects dbt-mcp | Versions [,1.17.1)
Has fix
pipPublished 18 May 2026
  • H
Cross-site Scripting (XSS)CVE-2026-44541
Affects ethyca-fides | Versions [2.33.0,2.84.5rc0)
Has fix
pipPublished 17 May 2026
  • H
Improper Privilege ManagementCVE-2026-43978
Affects wger | Versions [0,]
Has fix
pipPublished 17 May 2026
  • H
Access Control BypassCVE-2026-43977
Affects wger | Versions [0,]
Has fix
pipPublished 17 May 2026
  • H
Asymmetric Resource Consumption (Amplification)CVE-2026-45078
Affects matrix-synapse | Versions [,1.152.1)
Has fix
pipPublished 17 May 2026
  • M
Improper Check for Unusual or Exceptional ConditionsCVE-2026-45076
Affects matrix-synapse | Versions [,1.152.1)
Has fix
pipPublished 17 May 2026
  • H
External Control of File Name or PathCVE-2026-44353
Affects streamlink | Versions [,8.4.0)
Has fix
pipPublished 17 May 2026
  • M
Cross-site Scripting (XSS)CVE-2026-45106
Affects weblate | Versions [,2026.5)
Has fix
pipPublished 17 May 2026
  • M
Improper AuthorizationCVE-2026-45365
Affects open-webui | Versions [,0.8.11)
Has fix
pipPublished 17 May 2026
  • M
Missing AuthorizationCVE-2026-45667
Affects open-webui | Versions [,0.8.0)
Has fix
pipPublished 17 May 2026
  • H
Missing AuthorizationCVE-2026-45399
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 17 May 2026
  • H
Incorrect AuthorizationCVE-2026-45672
Affects open-webui | Versions [,0.8.12)
Has fix
pipPublished 17 May 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-45671
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 17 May 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-45349
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 17 May 2026
  • H
Reliance on File Name or Extension of Externally-Supplied FileCVE-2026-45315
Affects open-webui | Versions [,0.9.3)
Has fix
pipPublished 17 May 2026
  • M
Cross-site Scripting (XSS)CVE-2026-45318
Affects open-webui | Versions [,0.9.3)
Has fix
pipPublished 17 May 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-45347
Affects open-webui | Versions [,0.5.11)
Has fix
pipPublished 17 May 2026
  • H
Cross-site Scripting (XSS)CVE-2026-45665
Affects open-webui | Versions [,0.8.0)
Has fix
pipPublished 17 May 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-45666
Affects open-webui | Versions [,0.8.11)
Has fix
pipPublished 17 May 2026