Openai Realtime Ui

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-5803 MEDIUM POC PATCH This Month

Server-side request forgery (SSRF) in bigsk1 openai-realtime-ui allows authenticated remote attackers to manipulate API proxy endpoint query parameters in server.js, enabling the server to make arbitrary requests to internal or external resources. The vulnerability affects all versions up to commit 188ccde27fdf3d8fab8da81f3893468f53b2797c, has publicly available exploit code, and carries a CVSS 5.3 score reflecting moderate impact with authentication required. A fix is available via commit 54f8f50f43af97c334a881af7b021e84b5b8310f.

SSRF Openai Realtime Ui
NVD VulDB GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-5803
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Server-side request forgery (SSRF) in bigsk1 openai-realtime-ui allows authenticated remote attackers to manipulate API proxy endpoint query parameters in server.js, enabling the server to make arbitrary requests to internal or external resources. The vulnerability affects all versions up to commit 188ccde27fdf3d8fab8da81f3893468f53b2797c, has publicly available exploit code, and carries a CVSS 5.3 score reflecting moderate impact with authentication required. A fix is available via commit 54f8f50f43af97c334a881af7b021e84b5b8310f.

SSRF Openai Realtime Ui
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy