CVE & Vulnerability
CVE-2026-44566 - Open WebUI: Arbitrary File Upload and Path Traversal
CVE & Vulnerability
CVE-2026-44570 - Open WebUI: Inconsistent authorization controls within memories API
CVE & Vulnerability
CVE-2026-44567 - Open WebUI: Open WebUI Improper Authorization Control
CVE & Vulnerability
CVE-2026-44569 - Open WebUI: Insecure Message Access Breaks Authorization
CVE & Vulnerability
CVE-2026-45318 - Open WebUI: Stored XSS via unsanitized Office/Excel/DOCX file preview rendering ({@html} without DOMPur...
CVE & Vulnerability
CVE-2026-45338 - Open WebUI: SSRF via OAuth Profile Picture URL in _process_picture_url (oauth.py)
CVE & Vulnerability
CVE-2026-45317 - Open WebUI: Cross-Site Request Forgery (CSRF) via Image URL Manipulation
CVE & Vulnerability
CVE-2026-45665 - Open WebUI: Stored XSS in Banner Component via Improper Sanitization Order
CVE & Vulnerability
CVE-2026-45365 - Open WebUI: Authenticated users can bypass model access control via exposed query parameter
CVE & Vulnerability
CVE-2026-45351 - Open WebUI: Exposure of System Prompt to Regular User [Non-Admin]
CVE & Vulnerability
CVE-2026-45347 - Open WebUI: Blind server side request forgery (SSRF) via the PDF generate function
CVE & Vulnerability
CVE-2026-45667 - Open WebUI: Unauthenticated endpoint can trigger embedding generation (cost/DoS)
CVE & Vulnerability
CVE-2026-45666 - Open WebUI: Indirect Object Reference (IDOR) in user notes
CVE & Vulnerability
CVE-2026-8700 - Crypt::DSA versions before 1.20 for Perl generate seeds using rand
CVE & Vulnerability
CVE-2026-8704 - Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified
Film & TV
ZDF Magazin vor Ort Die Colonius-Sprengung | Fr 29.05. 23:00 ZDF
Film & TV
Ich will (k)ein Kind von Dir - kurzfristige Programmänderung! | Do 21.05. 03:05 Das Erste
Film & TV
Vera - Ein ganz spezieller Fall S11E06 Wie der Wind weht | Sa 16.05. 20:15 SAT.1 Gold
Film & TV
Die geheime Welt der Hunde | Sa 16.05. 20:15 phoenix
Film & TV
