| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33340 | LoLLMs WEBUI has unauthenticated Server-Side Request Forgery (SSRF) in /api/proxy endpoint | ParisNeo | lollms-webui | Critical | 9.1 | 2026-03-24 15:58:36 | Deep Dive |
| CVE-2024-2356 | Remote Code Execution due to LFI in '/reinstall_extension' in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2026-02-02 10:36:24 | Deep Dive |
| CVE-2024-12766 | SSRF in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 高危 | - | 2025-03-20 10:11:21 | Deep Dive |
| CVE-2024-8736 | Denial of Service (DoS) via Multipart Boundary in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 高危 | - | 2025-03-20 10:11:18 | Deep Dive |
| CVE-2024-8898 | Path Traversal in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 中危 | - | 2025-03-20 10:10:58 | Deep Dive |
| CVE-2025-1451 | Insufficient Patch Leading to DoS in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 高危 | - | 2025-03-20 10:10:50 | Deep Dive |
| CVE-2024-6986 | Cross-site Scripting (XSS) in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 中危 | - | 2025-03-20 10:10:41 | Deep Dive |
| CVE-2024-10019 | Path Traversal and OS Command Injection in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 中危 | - | 2025-03-20 10:10:15 | Deep Dive |
| CVE-2024-9920 | Unrestricted File Upload and Execution in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 中危 | - | 2025-03-20 10:10:08 | Deep Dive |
| CVE-2024-9919 | Missing Authentication Check in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 高危 | - | 2025-03-20 10:09:56 | Deep Dive |
| CVE-2024-10047 | Directory Listing Vulnerability in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 中危 | - | 2025-03-20 10:09:36 | Deep Dive |
| CVE-2024-8581 | Path Traversal in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 超危 | - | 2025-03-20 10:09:25 | Deep Dive |
| CVE-2024-5125 | XSS and Open Redirect via SVG File Upload in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 高危 | - | 2024-11-14 17:36:05 | Deep Dive |
| CVE-2024-6673 | CSRF Vulnerability in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-10-29 12:50:21 | Deep Dive |
| CVE-2024-6674 | Data Leak through CORS Misconfiguration in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-10-29 12:46:45 | Deep Dive |
| CVE-2024-6959 | Denial of Service (DOS) in multipart boundary while uploading file in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 中危 | - | 2024-10-13 12:28:19 | Deep Dive |
| CVE-2024-6394 | Local File Inclusion in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 高危 | - | 2024-09-30 08:09:10 | Deep Dive |
| CVE-2024-4897 | Remote Code Execution in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-07-02 14:37:36 | Deep Dive |
| CVE-2024-5933 | Cross-site Scripting (XSS) in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-06-27 18:46:18 | Deep Dive |
| CVE-2024-6250 | Absolute Path Traversal in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-06-27 18:41:41 | Deep Dive |