Skip to main content

Text Generation Webui CVE-2026-35485

| EUVDEUVD-2026-19669 HIGH
Path Traversal (CWE-22)
2026-04-07 GitHub_M
7.5
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

7
Re-analysis Queued
Apr 28, 2026 - 20:53 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 06:05 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
4.3
EUVD ID Assigned
Apr 07, 2026 - 15:00 euvd
EUVD-2026-19669
Analysis Generated
Apr 07, 2026 - 15:00 vuln.today
CVE Published
Apr 07, 2026 - 14:47 nvd
HIGH 7.5

DescriptionGitHub Advisory

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_grammar() allows reading any file on the server filesystem with no extension restriction. Gradio does not server-side validate dropdown values, so an attacker can POST directory traversal payloads (e.g., ../../../etc/passwd) via the API and receive the full file contents in the response. This vulnerability is fixed in 4.3.

AnalysisAI

Remote unauthenticated file disclosure in oobabooga text-generation-webui versions prior to 4.3 allows arbitrary file reading through path traversal in load_grammar() function. Attackers can retrieve any file from the server filesystem without authentication by exploiting insufficient validation of Gradio dropdown values, submitting directory traversal sequences via API requests. EPSS data not available; no public exploit identified at time of analysis, though exploitation complexity is low (CVSS AC:L) requiring only network access.

Technical ContextAI

The vulnerability resides in text-generation-webui's load_grammar() function, which interfaces with the Gradio framework for web UI functionality. Gradio's dropdown components lack server-side validation of submitted values, creating a classic path traversal attack surface (CWE-22). When processing grammar file requests, the application fails to sanitize user-supplied file paths before filesystem operations. Attackers can inject directory traversal sequences (../../../) through POST requests to the Gradio API endpoint, bypassing intended directory restrictions. The affected component (cpe:2.3:a:oobabooga:text-generation-webui) is commonly deployed for self-hosted LLM inference, often containing sensitive configuration files, API keys, and model data on the same filesystem. No file extension filtering exists, enabling access to arbitrary file types including system files like /etc/passwd on Linux systems or configuration files containing credentials.

RemediationAI

Immediate upgrade to text-generation-webui version 4.3 or later is required, as this release contains fixes for the path traversal vulnerability in load_grammar() function with proper input validation. Organizations should update by pulling the latest release from the official GitHub repository at https://github.com/oobabooga/text-generation-webui and redeploying the application. As interim mitigation for systems that cannot immediately upgrade, restrict network access to the Gradio web interface using firewall rules or reverse proxy authentication, limiting exposure to trusted IP ranges only. Review server logs for suspicious API requests containing directory traversal patterns (../, %2e%2e%2f, absolute paths) targeting grammar loading endpoints. After patching, conduct file integrity checks on sensitive files (configuration files, SSH keys, application secrets) to detect potential prior compromise. Full remediation guidance is available in the GitHub Security Advisory GHSA-hqg5-487v-5mc6 at https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-hqg5-487v-5mc6.

Share

CVE-2026-35485 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy