lollms

Top products

The 15 most recently published vulnerabilities affecting lollms.

• CVE-2026-1116Cross-site Scripting (XSS) in parisneo/lollms6.1Apr 12, 2026
• CVE-2026-1115Stored XSS in parisneo/lollms9.6Apr 10, 2026
• CVE-2026-1114Improper Access Control via Weak JWT Token in parisneo/lollms9.8Apr 7, 2026
• CVE-2026-0558Unauthenticated File Upload in parisneo/lollms9.8Mar 29, 2026
• CVE-2026-0560Server-Side Request Forgery (SSRF) in parisneo/lollms7.5Mar 29, 2026
• CVE-2026-0562Insecure Direct Object Reference (IDOR) in parisneo/lollms8.3Mar 29, 2026
• CVE-2026-33340LoLLMs WEBUI has unauthenticated Server-Side Request Forgery (SSRF) in /api/proxy endpoint9.1Mar 24, 2026
• CVE-2024-12766SSRF in parisneo/lollms-webui7.5Mar 20, 2025
• CVE-2024-8736Denial of Service (DoS) via Multipart Boundary in parisneo/lollms-webui6.5Mar 20, 2025
• CVE-2024-8898Path Traversal in parisneo/lollms-webui9.8Mar 20, 2025
• CVE-2025-1451Insufficient Patch Leading to DoS in parisneo/lollms-webui7.5Mar 20, 2025
• CVE-2024-6986Cross-site Scripting (XSS) in parisneo/lollms-webui5.4Mar 20, 2025
• CVE-2024-10019Path Traversal and OS Command Injection in parisneo/lollms-webui6.7Mar 20, 2025
• CVE-2024-9920Unrestricted File Upload and Execution in parisneo/lollms-webui8.8Mar 20, 2025
• CVE-2024-9919Missing Authentication Check in parisneo/lollms-webui8.4Mar 20, 2025