Skip to main content

Text Generation Webui CVE-2026-35487

| EUVDEUVD-2026-19672 MEDIUM
Path Traversal (CWE-22)
2026-04-07 GitHub_M
5.3
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
4.3
EUVD ID Assigned
Apr 07, 2026 - 15:30 euvd
EUVD-2026-19672
Analysis Generated
Apr 07, 2026 - 15:30 vuln.today
CVE Published
Apr 07, 2026 - 14:50 nvd
MEDIUM 5.3

DescriptionGitHub Advisory

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_prompt() allows reading any .txt file on the server filesystem. The file content is returned verbatim in the API response. This vulnerability is fixed in 4.3.

AnalysisAI

Unauthenticated path traversal in text-generation-webui prior to version 4.3 allows remote attackers to read arbitrary .txt files from the server filesystem via the load_prompt() function, with file contents returned directly in API responses. The vulnerability requires no authentication, user interaction, or special conditions, resulting in confidentiality impact with a CVSS score of 5.3. A vendor-released patch is available in version 4.3.

Technical ContextAI

text-generation-webui (CPE: cpe:2.3:a:oobabooga:text-generation-webui:*:*:*:*:*:*:*:*) is an open-source Python web interface for deploying and interacting with large language models. The vulnerability exists in the load_prompt() function, which fails to properly validate or sanitize file path inputs, enabling CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) attacks. Attackers can craft requests using path traversal sequences (e.g., ../) to access files outside the intended prompt directory, with the function returning file contents verbatim in HTTP responses. This is a classic server-side path traversal flaw where insufficient input validation allows directory escape without filesystem-level access controls being bypassed.

RemediationAI

Upgrade text-generation-webui to version 4.3 or later, which contains the fix for this path traversal vulnerability. Users unable to upgrade immediately should restrict network access to the text-generation-webui interface using firewall rules, reverse proxy authentication, or VPN requirements to limit exposure of the load_prompt() endpoint. Review server logs for evidence of path traversal attempts (requests containing ../ or similar sequences in prompt-loading requests). For additional details and verification, refer to the GitHub security advisory at https://github.com/oobabooga/text-generation-webui/security/advisories/GHSA-mfgg-vvc6-vqq7.

Share

CVE-2026-35487 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy