CVE-2026-34225 | open-webui Open WebUI up to 0.7.2 server-side request forgery (GHSA-jgx9-jr5x-mvpv)

April 14, 2026 Yanac

A vulnerability was found in open-webui Open WebUI up to 0.7.2. It has been classified as critical. This affects an unknown part. This manipulation causes server-side request forgery.

This vulnerability is handled as CVE-2026-34225. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2026-40315 | MervinPraison PraisonAI up to 4.5.132 Configuration config.py table_prefix sql injection (GHSA-x783-xp3g-mqhp)
CVE-2026-27678 | SAP S4HANA Backend OData Service 4CORE 109 Manage Reference Structures authorization