Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

oobabooga — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting oobabooga. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by oobabooga:text-generation-webui
CVE IDTitleCVSSSeverityPublished
CVE-2026-35487 text-generation-webui has a Path Traversal in load_prompt() — .txt file read without authentication — text-generation-webuiCWE-22 5.3 Medium2026-04-07
CVE-2026-35486 text-generation-webui has a SSRF in superbooga/superboogav2 extensions — no URL validation — text-generation-webuiCWE-918 7.5 High2026-04-07
CVE-2026-35485 text-generation-webui has a Path Traversal in load_grammar() — arbitrary file read without authentication — text-generation-webuiCWE-22 7.5 High2026-04-07
CVE-2026-35484 text-generation-webui has a Path Traversal in load_preset() — .yaml file read without authentication — text-generation-webuiCWE-22 5.3 Medium2026-04-07
CVE-2026-35483 text-generation-webui has a Path Traversal in load_template() — .jinja/.yaml/.yml file read without authentication — text-generation-webuiCWE-22 5.3 Medium2026-04-07
CVE-2026-35050 text-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extention settings to user_data/settings.yaml". — text-generation-webuiCWE-22 9.1 Critical2026-04-06
CVE-2025-12487 oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability — text-generation-webuiCWE-807 9.8 -2025-11-06
CVE-2025-12488 oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability — text-generation-webuiCWE-807 9.8 -2025-11-06
CVE-2025-62364 text-generation-webui allows arbitrary file read via symbolic link upload — text-generation-webuiCWE-59 6.2 Medium2025-10-13

This page lists every published CVE security advisory associated with oobabooga. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.