Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities found for text_generation_web_ui by oobabooga
CVE-2026-35487 (GCVE-0-2026-35487)
Vulnerability from nvd – Published: 2026-04-07 14:50 – Updated: 2026-04-07 18:14
VLAI?
Title
text-generation-webui has a Path Traversal in load_prompt() — .txt file read without authentication
Summary
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_prompt() allows reading any .txt file on the server filesystem. The file content is returned verbatim in the API response. This vulnerability is fixed in 4.3.
Severity ?
5.3 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| oobabooga | text-generation-webui |
Affected:
< 4.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35487",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T18:14:36.824791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T18:14:46.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "text-generation-webui",
"vendor": "oobabooga",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_prompt() allows reading any .txt file on the server filesystem. The file content is returned verbatim in the API response. This vulnerability is fixed in 4.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T14:50:25.103Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-mfgg-vvc6-vqq7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-mfgg-vvc6-vqq7"
}
],
"source": {
"advisory": "GHSA-mfgg-vvc6-vqq7",
"discovery": "UNKNOWN"
},
"title": "text-generation-webui has a Path Traversal in load_prompt() \u2014 .txt file read without authentication"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35487",
"datePublished": "2026-04-07T14:50:25.103Z",
"dateReserved": "2026-04-02T20:49:44.454Z",
"dateUpdated": "2026-04-07T18:14:46.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35486 (GCVE-0-2026-35486)
Vulnerability from nvd – Published: 2026-04-07 14:49 – Updated: 2026-04-09 14:37
VLAI?
Title
text-generation-webui has a SSRF in superbooga/superboogav2 extensions — no URL validation
Summary
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, he superbooga and superboogav2 RAG extensions fetch user-supplied URLs via requests.get() with zero validation — no scheme check, no IP filtering, no hostname allowlist. An attacker can access cloud metadata endpoints, steal IAM credentials, and probe internal services. The fetched content is exfiltrated through the RAG pipeline. This vulnerability is fixed in 4.3.
Severity ?
7.5 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| oobabooga | text-generation-webui |
Affected:
< 4.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35486",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-09T14:37:28.632194Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T14:37:31.599Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-jvrj-w5hq-6cp2"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "text-generation-webui",
"vendor": "oobabooga",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, he superbooga and superboogav2 RAG extensions fetch user-supplied URLs via requests.get() with zero validation \u2014 no scheme check, no IP filtering, no hostname allowlist. An attacker can access cloud metadata endpoints, steal IAM credentials, and probe internal services. The fetched content is exfiltrated through the RAG pipeline. This vulnerability is fixed in 4.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T14:49:37.805Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-jvrj-w5hq-6cp2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-jvrj-w5hq-6cp2"
}
],
"source": {
"advisory": "GHSA-jvrj-w5hq-6cp2",
"discovery": "UNKNOWN"
},
"title": "text-generation-webui has a SSRF in superbooga/superboogav2 extensions \u2014 no URL validation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35486",
"datePublished": "2026-04-07T14:49:37.805Z",
"dateReserved": "2026-04-02T20:49:44.454Z",
"dateUpdated": "2026-04-09T14:37:31.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35487 (GCVE-0-2026-35487)
Vulnerability from cvelistv5 – Published: 2026-04-07 14:50 – Updated: 2026-04-07 18:14
VLAI?
Title
text-generation-webui has a Path Traversal in load_prompt() — .txt file read without authentication
Summary
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_prompt() allows reading any .txt file on the server filesystem. The file content is returned verbatim in the API response. This vulnerability is fixed in 4.3.
Severity ?
5.3 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| oobabooga | text-generation-webui |
Affected:
< 4.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35487",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T18:14:36.824791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T18:14:46.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "text-generation-webui",
"vendor": "oobabooga",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_prompt() allows reading any .txt file on the server filesystem. The file content is returned verbatim in the API response. This vulnerability is fixed in 4.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T14:50:25.103Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-mfgg-vvc6-vqq7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-mfgg-vvc6-vqq7"
}
],
"source": {
"advisory": "GHSA-mfgg-vvc6-vqq7",
"discovery": "UNKNOWN"
},
"title": "text-generation-webui has a Path Traversal in load_prompt() \u2014 .txt file read without authentication"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35487",
"datePublished": "2026-04-07T14:50:25.103Z",
"dateReserved": "2026-04-02T20:49:44.454Z",
"dateUpdated": "2026-04-07T18:14:46.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35486 (GCVE-0-2026-35486)
Vulnerability from cvelistv5 – Published: 2026-04-07 14:49 – Updated: 2026-04-09 14:37
VLAI?
Title
text-generation-webui has a SSRF in superbooga/superboogav2 extensions — no URL validation
Summary
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, he superbooga and superboogav2 RAG extensions fetch user-supplied URLs via requests.get() with zero validation — no scheme check, no IP filtering, no hostname allowlist. An attacker can access cloud metadata endpoints, steal IAM credentials, and probe internal services. The fetched content is exfiltrated through the RAG pipeline. This vulnerability is fixed in 4.3.
Severity ?
7.5 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| oobabooga | text-generation-webui |
Affected:
< 4.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35486",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-09T14:37:28.632194Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T14:37:31.599Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-jvrj-w5hq-6cp2"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "text-generation-webui",
"vendor": "oobabooga",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, he superbooga and superboogav2 RAG extensions fetch user-supplied URLs via requests.get() with zero validation \u2014 no scheme check, no IP filtering, no hostname allowlist. An attacker can access cloud metadata endpoints, steal IAM credentials, and probe internal services. The fetched content is exfiltrated through the RAG pipeline. This vulnerability is fixed in 4.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T14:49:37.805Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-jvrj-w5hq-6cp2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-jvrj-w5hq-6cp2"
}
],
"source": {
"advisory": "GHSA-jvrj-w5hq-6cp2",
"discovery": "UNKNOWN"
},
"title": "text-generation-webui has a SSRF in superbooga/superboogav2 extensions \u2014 no URL validation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35486",
"datePublished": "2026-04-07T14:49:37.805Z",
"dateReserved": "2026-04-02T20:49:44.454Z",
"dateUpdated": "2026-04-09T14:37:31.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}