The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
The flaw, tracked as CVE-2025-64496 and discovered by Cato Networks researchers, impacts Open WebUI versions 0.6.34 and older ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback