{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35483", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-02T20:49:44.454Z", "datePublished": "2026-04-07T14:45:07.141Z", "dateUpdated": "2026-04-07T17:55:20.808Z"}, "containers": {"cna": {"title": "text-generation-webui has a Path Traversal in load_template() \u2014 .jinja/.yaml/.yml file read without authentication", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-85fx-vw25-4c95", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-85fx-vw25-4c95"}], "affected": [{"vendor": "oobabooga", "product": "text-generation-webui", "versions": [{"version": "< 4.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-07T14:45:07.141Z"}, "descriptions": [{"lang": "en", "value": "text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_template() allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the content is returned verbatim; for .yaml files a parsed key is extracted. This vulnerability is fixed in 4.3."}], "source": {"advisory": "GHSA-85fx-vw25-4c95", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-07T17:55:10.903604Z", "id": "CVE-2026-35483", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T17:55:20.808Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-35483", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-07T17:55:10.903604Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T17:55:17.956Z"}}], "cna": {"title": "text-generation-webui has a Path Traversal in load_template() \u2014 .jinja/.yaml/.yml file read without authentication", "source": {"advisory": "GHSA-85fx-vw25-4c95", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "oobabooga", "product": "text-generation-webui", "versions": [{"status": "affected", "version": "< 4.3"}]}], "references": [{"url": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-85fx-vw25-4c95", "name": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-85fx-vw25-4c95", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_template() allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the content is returned verbatim; for .yaml files a parsed key is extracted. This vulnerability is fixed in 4.3."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-07T14:45:07.141Z"}}}, "cveMetadata": {"cveId": "CVE-2026-35483", "state": "PUBLISHED", "dateUpdated": "2026-04-07T17:55:20.808Z", "dateReserved": "2026-04-02T20:49:44.454Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-07T14:45:07.141Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oobabooga:textgen:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A2B642B-80A8-46E1-931D-C5541264290A", "versionEndExcluding": "4.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_template() allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the content is returned verbatim; for .yaml files a parsed key is extracted. This vulnerability is fixed in 4.3."}], "id": "CVE-2026-35483", "lastModified": "2026-04-24T15:15:43.870", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-07T15:17:45.377", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-85fx-vw25-4c95"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "text-generation-webui", "source": "cna", "vendor": "oobabooga"}, "product": "text-generation-webui", "vendor": "oobabooga"}], "analysis": {"en": {"generated_at": "2026-04-07T19:50:45.366451+00:00", "value": {"mitigation_remediation": ["Update to version 4.3 or later of text\u2011generation\u2011webui"], "summary": {"action": "Patch Immediately", "impact": "Confidentiality breach through unauthenticated file read"}, "threat_synthesis": {"affected_systems": "The flaw affects the open\u2011source web interface for Large Language Models developed by oobabooga, specifically all releases prior to version 4.3. Users running any earlier iteration of text\u2011generation\u2011webui are exposed.", "description_and_impact": "An unauthenticated path traversal flaw in the load_template() function of text\u2011generation\u2011webui permits an attacker to read arbitrary files on the server with .jinja, .jinja2, .yaml, or .yml extensions. When a .jinja file is requested, its entire content is returned verbatim, exposing source code or sensitive data. For .yaml files the server parses the file and returns a single extracted key, which can still reveal configuration or secrets. This vulnerability enables confidentiality compromise without affecting integrity or availability.", "risk_and_exploitability": "The CVSS score is 5.3, indicating moderate severity. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is presumptively an unauthenticated HTTP request to the load_template endpoint with a crafted file path; no authentication or privileged access is required. Given that the exploit is straightforward and the potential to read arbitrary server files exists, the risk is significant for installations that store sensitive configuration or code on the same filesystem."}}}}, "created": "2026-04-08T19:37:24.617303+00:00", "updated": "2026-04-08T19:48:42.526145+00:00", "vendors": ["oobabooga", "oobabooga$PRODUCT$text-generation-webui"]}