Vulnerabilidades em oobabooga
9 resultadosCVE-2025-12488CRITICALoobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution VulnerabilityEPSS 0.8%CVE-2025-12487CRITICALoobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution VulnerabilityEPSS 0.8%CVE-2026-35485HIGHtext-generation-webui has a Path Traversal in load_grammar() — arbitrary file read without authenticationEPSS 0.7%CVE-2025-62364MEDIUMtext-generation-webui allows arbitrary file read via symbolic link uploadEPSS 0.5%CVE-2026-35050CRITICALtext-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extention settings to user_data/settings.yaml".EPSS 0.4%CVE-2026-35486HIGHtext-generation-webui has a SSRF in superbooga/superboogav2 extensions — no URL validationEPSS 0.4%CVE-2026-35483MEDIUMtext-generation-webui has a Path Traversal in load_template() — .jinja/.yaml/.yml file read without authenticationEPSS 0.3%CVE-2026-35484MEDIUMtext-generation-webui has a Path Traversal in load_preset() — .yaml file read without authenticationEPSS 0.3%CVE-2026-35487MEDIUMtext-generation-webui has a Path Traversal in load_prompt() — .txt file read without authenticationEPSS 0.3%