Full Disclosure
SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI 3 April 2026 at 03:55

SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI

3 April 2026 at 03:55

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02

SEC Consult Vulnerability Lab Security Advisory < 20260401-0 >
=======================================================================
title: Broken Access Control
product: Open WebUI
vulnerable version: <v0.8.11
fixed version: v0.8.11
CVE number: CVE-2026-34222
impact: high
homepage:https://openwebui.com
found: 2026-02-06...

Full Disclosure
SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library 3 April 2026 at 03:55

SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library

Full Disclosure

3 April 2026 at 03:55

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02

SEC Consult Vulnerability Lab Security Advisory < 20260326-0 >
=======================================================================
title: Local Privilege Escalation
product: Vienna Assistant (MacOS) - Vienna Symphonic Library
vulnerable version: 1.2.542
fixed version: -
CVE number: CVE-2026-24068
impact: high
homepage:https://www.vsl.co.at/
...

Full Disclosure
Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility 3 April 2026 at 03:54

Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility

Full Disclosure

3 April 2026 at 03:54

Posted by Joseph Goydish II via Fulldisclosure on Apr 02

SUMMARY

Apple's Oblivious HTTP relay for Live Caller ID Lookup (iOS 18+) routes
traffic through 14 third-party endpoints across six countries. These include
an anonymous Delaware LLC sharing data with OpenAI, a Russian endpoint
(Yandex), and a Swiss GmbH whose privacy policy names "The Legal Entity to
be Confirmed" as its data controller. None of this is disclosed to users.

This is shared infrastructure. All devices using Live...

Full Disclosure
[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability 3 April 2026 at 03:53

[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability

Full Disclosure

3 April 2026 at 03:53

Posted by Egidio Romano on Apr 02

---------------------------------------------------------------------------
MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability
---------------------------------------------------------------------------

[-] Software Link:

https://www.metinfo.cn

[-] Affected Versions:

Versions 7.9, 8.0, and 8.1.

[-] Vulnerability Description:

The vulnerable code is located into the...

Full Disclosure
[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability 3 April 2026 at 03:52

[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability

Full Disclosure

3 April 2026 at 03:52

Posted by cyber security on Apr 02

A vulnerability was identified in OWASP CRS where whitespace padding
in filenames can bypass file upload extension checks, allowing uploads
of dangerous files such as .php, .phar, .jsp, and .jspx. This issue
has been assigned CVE‑2026‑33691.

Impact: Attackers may evade CRS protections and upload web shells
disguised with whitespace‑padded extensions. Exploitation is most
practical on Windows backends that normalize whitespace in filenames...

Normal view