Skip to main content

Text Generation Webui CVE-2026-35483

| EUVDEUVD-2026-19665 MEDIUM
Path Traversal (CWE-22)
2026-04-07 GitHub_M
5.3
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
4.3
EUVD ID Assigned
Apr 07, 2026 - 15:00 euvd
EUVD-2026-19665
Analysis Generated
Apr 07, 2026 - 15:00 vuln.today
CVE Published
Apr 07, 2026 - 14:45 nvd
MEDIUM 5.3

DescriptionGitHub Advisory

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_template() allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the content is returned verbatim; for .yaml files a parsed key is extracted. This vulnerability is fixed in 4.3.

AnalysisAI

Unauthenticated path traversal in text-generation-webui prior to version 4.3 enables remote attackers to read arbitrary files with .jinja, .jinja2, .yaml, or .yml extensions from the server filesystem. The vulnerability resides in the load_template() function and allows disclosure of configuration files, templates, and other sensitive data without authentication. EPSS score of 5.3 reflects low to moderate real-world exploitation risk despite network accessibility, as successful exploitation requires knowledge of file paths and extension constraints.

Technical ContextAI

text-generation-webui is an open-source Python-based web interface for deploying and interacting with large language models. The vulnerability stems from insufficient input validation in the load_template() function, which fails to properly sanitize user-supplied template path parameters. This permits directory traversal sequences (e.g., '../../../etc/') to bypass intended directory restrictions. The root cause is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory). Affected versions prior to 4.3 expose template loading operations to unauthenticated requests over the network (AV:N), requiring no special privilege escalation (PR:N) and no user interaction (UI:N). File disclosure is limited to specific extensions (.jinja, .jinja2, .yaml, .yml), reducing but not eliminating exposure of sensitive application configuration and secrets.

RemediationAI

Upgrade text-generation-webui to version 4.3 or later to apply the vendor-released patch. Users on earlier versions should prioritize this upgrade as it directly addresses the path traversal vulnerability in load_template(). As an interim measure pending upgrade, restrict network access to the text-generation-webui service using firewall rules or network segmentation to limit exposure to trusted internal networks only; however, this is not a substitute for patching. Refer to the official GitHub Security Advisory at https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-85fx-vw25-4c95 for detailed patch notes and upgrade instructions.

Share

CVE-2026-35483 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy