Browse Security Advisories
Moderate Security Advisories for open-webui in pypi Clear Filters
Moderate
4 months ago
Open WebUI Has Improper Access Control Leading to Arbitrary Prompt Read
pypi
open-webui
Moderate
4 months ago
Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint
pypi
open-webui
Moderate
4 months ago
Open WebUI Allows Arbitrary File Write via the `download_model` Endpoint
pypi
open-webui
Moderate
4 months ago
Open WebUI Vulnerable to Cross-Site Scripting (XSS) via Chat File Upload
pypi
open-webui
Moderate
10 months ago
open-webui Insecure Direct Object Reference (IDOR) vulnerability
pypi
open-webui
Filter by Severity
Filter by Ecosystem
maven
3,135
packagist
3,007
pypi
2,022
npm
1,354
go
1,273
nuget
659
rubygems
437
cargo
411
hex
16
swift
13
actions
7
pub
3
Filter by Package
tensorflow
200
tensorflow-cpu
198
tensorflow-gpu
197
Django
44
apache-airflow
43
apache-superset
41
Plone
36
nova
29
plone
29
moin
27
ansible
25
django
21
gradio
20
matrix-synapse
19
salt
17
rdiffweb
16
vyper
15
glance
14
keystone
13
roundup
12
vllm
10
PaddlePaddle
10
aiohttp
10
notebook
10
OctoPrint
10
pyftpdlib
9
calibreweb
9
urllib3
9
open-webui
9
horizon
9
opencv-contrib-python
8
onionshare-cli
8
opencv-python
8
mlflow
8
transformers
8
modoboa
8
neutron
8
pyload-ng
7
twisted
7
picklescan
6
aim
6
zenml
6
lxml
6
mobsf
6
vantage6
6
Products.CMFPlone
6
requests
6
swift
6
Mezzanine
6
ckan
6
Flask-AppBuilder
6
wagtail
6
cinder
6
trac
5
web2py
5
mayan-edms
5
Pillow
5
pgadmin4
5
cryptography
5
mage-ai
5
trytond
5
mindsdb
5
jupyter-server
5
cobbler
5
jinja2
4
tornado
4
PyPDF2
4
flask-cors
4
pillow
4
label-studio
4
composio-core
4
jwcrypto
4
dtale
4
indico
4
waitress
4
lief
4
lollms
4
ansible-core
4
matrix-sydent
4
paddlepaddle
4
snowflake-connector-python
4
zope
4
sentry
4
Scrapy
4
mailman
4
ethyca-fides
4
nautobot
3
jupyterhub
3
pysaml2
3
whoogle-search
3
scrapy
3
Moin
3
tinymce/tinymce
3
barbican
3
ipython
3
aws-sam-cli
3
markdown2
3
wasmtime
3
Keystone
3
numpy
3
micropython-io
3
bleach
3
tuf
3
wasmtime
3
TinyMCE
3
buildbot
3
streampipes
3
opencv-python-headless
3
changedetection.io
3
Jinja2
3
AccessControl
3
codechecker
3
ajenti
3
FreeTAKServer-UI
3
tinymce
3
frappe
3
pyspark
3
streamlit
3
werkzeug
3
opencv-contrib-python-headless
3
org.apache.streampipes:streampipes-parent
3
fava
3
copyparty
3
django-tinymce
3
feedparser
3
litellm
3
inventree
3
saleor
3
datasette
3
mercurial
3
graphite-web
3
omero-web
3
pip
3
micropython-copy
3
django-cms
2
keylime
2
ryu
2
Red-DiscordBot
2
dompurify
2
eth-abi
2
wasm3
2
invenio-communities
2
homeassistant
2
jupyterlab
2
aiosmtpd
2
tripleo-ansible
2
signxml
2
PostQuantum-Feldman-VSS
2
pypickle
2
Zope
2
scancodeio
2
starlette
2
Djblets
2
kiwitcms
2
archivy
2
mistune
2
@openc3/tool-common
2
parlai
2
ansible-runner
2
Werkzeug
2
zope2
2
yt-dlp
2
ujson
2
openc3
2
langchain-community
2
Products.PluggableAuthService
2
tripleo-heat-templates
2
asyncssh
2
eventlet
2
pypdf
2
html5lib
2
libosdp
2
fastapi-admin
2
sosreport
2
llama-index-core
2
python-ldap
2
weblate
2
pretix
2
langchain-core
2
in-toto
2
pywasm3
2
apache-iotdb
2
docassemble.webapp
2
python-cjson
2
Roundup
2
python-apt
2
SOAPpy
2
pydantic
2
khoj
2
python-keystoneclient
2
pymongo
2
httpie
2
lmdeploy
2
torchserve
2
CherryMusic
2
langchain
2
langflow
2
dagster
2
openzeppelin-cairo-contracts
2
Zope2
2