Lollms web ui
This hub aggregates every CVE we track for Lollms web ui, a product in the ai ml space. Use it to gauge the current risk picture and drill into individual advisories.
47
CVEs tracked
18
Critical
19
High
0
In CISA KEV
Severity distribution
HIGH19CRITICAL18MEDIUM9LOW1
Monthly trend
1
1
1
3
0
0
0
0
11
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Lollms web ui.
- CVE-2026-33340LoLLMs WEBUI has unauthenticated Server-Side Request Forgery (SSRF) in /api/proxy endpoint9.1
- CVE-2024-12766SSRF in parisneo/lollms-webui7.5
- CVE-2024-8736Denial of Service (DoS) via Multipart Boundary in parisneo/lollms-webui6.5
- CVE-2024-8898Path Traversal in parisneo/lollms-webui9.8
- CVE-2025-1451Insufficient Patch Leading to DoS in parisneo/lollms-webui7.5
- CVE-2024-6986Cross-site Scripting (XSS) in parisneo/lollms-webui5.4
- CVE-2024-10019Path Traversal and OS Command Injection in parisneo/lollms-webui6.7
- CVE-2024-9920Unrestricted File Upload and Execution in parisneo/lollms-webui8.8
- CVE-2024-9919Missing Authentication Check in parisneo/lollms-webui8.4
- CVE-2024-7058Relative Path Traversal in parisneo/lollms-webui4.4
- CVE-2024-10047Directory Listing Vulnerability in parisneo/lollms-webui5.3
- CVE-2024-8581Path Traversal in parisneo/lollms-webui9.1
- CVE-2024-6673CSRF Vulnerability in parisneo/lollms-webui6.5
- CVE-2024-6674Data Leak through CORS Misconfiguration in parisneo/lollms-webui7.1
- CVE-2024-6959Denial of Service (DOS) in multipart boundary while uploading file in parisneo/lollms-webui7.1
Product normalization is registry-driven with AI assist and human review. How it works