CNNVD-202511-492 Information

CNNVD ID

CNNVD-202511-492

Related CVE

CVE-2025-12488

• CNNVD Published: 2025-11-06

Description (Chinese)

Text Generation Web UI是oobabooga个人开发者的一个本地AI的UI界面。 Text Generation Web UI存在安全漏洞，该漏洞源于对load端点中trust_remote_code参数处理不当，可能导致远程代码执行。

Description (English)

Text General Web UI is a local UI interface for obabooga personal developers. There is a security loophole in the Text General Web UI, which stems from the inappropriate handling of the transitional remote code parameters in the load endpoint, which may lead to remote code execution.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-06

Last Modified

2026-02-24

References

https://github.com/oobabooga/text-generation-webui/commit/b5a6904c4ac4049823396090360b6f566f4e4603 https://www.zerodayinitiative.com/advisories/ZDI-25-981/

Patch

https://github.com/oobabooga/text-generation-webui/releases