Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • H
Denial of Service (DoS)		open-webui[,0.5.13)pip10 Apr 2025
  • M
Cross-site Scripting (XSS)		open-webui[0,]pip10 Apr 2025
  • H
Missing Authentication for Critical Function		open-webui[,0.5.13)pip10 Apr 2025
  • M
Insufficient Isolation of System-Dependent Functions		open-webui[,0.4.0)pip10 Apr 2025
  • M
Cross-site Scripting (XSS)		open-webui[0,]pip10 Apr 2025
  • H
Directory Traversal		open-webui[0,]pip10 Apr 2025
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)		open-webui[0,]pip10 Apr 2025
  • M
Cross-site Scripting (XSS)		open-webui[0,]pip10 Apr 2025
  • H
Allocation of Resources Without Limits or Throttling		open-webui[0,]pip10 Apr 2025
  • M
Improper Privilege Management		open-webui[0,]pip10 Apr 2025
  • M
Undefined Behavior for Input to API		open-webui[0,]pip10 Apr 2025
  • C
SQL Injection		llama-index-retrievers-duckdb-retriever[,0.4.0)pip10 Apr 2025
  • H
Incorrect Synchronization		open-webui[0,]pip10 Apr 2025
  • H
Missing Critical Step in Authentication		lollms[0,]pip9 Apr 2025
  • M
Arbitrary File Write via Archive Extraction (Zip Slip)		gluoncv[0,]pip9 Apr 2025
  • M
Cross-site Request Forgery (CSRF)		vanna[0,]pip9 Apr 2025
  • C
Arbitrary Command Injection		lollms[,11.0.0)pip9 Apr 2025
  • C
Deserialization of Untrusted Data		bentoml[1.0.0,1.4.8)pip9 Apr 2025
  • H
Denial of Service (DoS)		invokeai[0,]pip8 Apr 2025
  • H
Denial of Service (DoS)		invokeai[0,]pip8 Apr 2025
  • H
Directory Traversal		invokeai[,5.3.0rc1)pip8 Apr 2025
  • C
Deserialization of Untrusted Data		invokeai[5.3.1,5.4.3rc2)pip8 Apr 2025
  • C
Cross-site Scripting (XSS)		open-webui[,0.3.24)pip8 Apr 2025
  • H
Class Pollution		mesop[,0.14.1)pip8 Apr 2025
  • M
Incomplete List of Disallowed Inputs		picklescan[,0.0.25)pip8 Apr 2025
  • M
Deserialization of Untrusted Data		picklescan[,0.0.25)pip8 Apr 2025
  • H
Incomplete List of Disallowed Inputs		picklescan[,0.0.25)pip8 Apr 2025
  • M
Improper Handling of Case Sensitivity		flask-cors[0,]pip7 Apr 2025
  • M
Improper Verification of Source of a Communication Channel		flask-cors[0,]pip7 Apr 2025
  • M
Origin Validation Error		flask-cors[0,]pip7 Apr 2025