CVE-2026-35486: CWE-918: Server-Side Request Forgery (SSRF) in oobabooga text-generation-webui
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, he superbooga and superboogav2 RAG extensions fetch user-supplied URLs via requests.get() with zero validation — no scheme check, no IP filtering, no hostname allowlist. An attacker can access cloud metadata endpoints, steal IAM credentials, and probe internal services. The fetched content is exfiltrated through the RAG pipeline. This vulnerability is fixed in 4.3.
AI Analysis
Technical Summary
The oobabooga text-generation-webui versions before 4.3 contain an SSRF vulnerability (CWE-918) in the superbooga and superboogav2 RAG extensions. These extensions use requests.get() to fetch URLs supplied by users without any validation such as scheme checks, IP filtering, or hostname allowlisting. This flaw allows attackers to make the server request internal or protected resources, including cloud metadata endpoints, potentially leading to credential theft and internal service probing. The vulnerability is addressed in version 4.3 of the software.
Potential Impact
An attacker can exploit this SSRF vulnerability to access sensitive internal resources, including cloud metadata endpoints, which may lead to the theft of IAM credentials. The attacker can also probe internal services that are otherwise inaccessible externally. The vulnerability does not impact integrity or availability but has a high impact on confidentiality.
Mitigation Recommendations
Upgrade the oobabooga text-generation-webui to version 4.3 or later, where this SSRF vulnerability has been fixed. No other official remediation or temporary fixes are documented. Patch status is not explicitly confirmed beyond the fix in version 4.3, so users should verify the upgrade to this or a later version.
CVE-2026-35486: CWE-918: Server-Side Request Forgery (SSRF) in oobabooga text-generation-webui
Description
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, he superbooga and superboogav2 RAG extensions fetch user-supplied URLs via requests.get() with zero validation — no scheme check, no IP filtering, no hostname allowlist. An attacker can access cloud metadata endpoints, steal IAM credentials, and probe internal services. The fetched content is exfiltrated through the RAG pipeline. This vulnerability is fixed in 4.3.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The oobabooga text-generation-webui versions before 4.3 contain an SSRF vulnerability (CWE-918) in the superbooga and superboogav2 RAG extensions. These extensions use requests.get() to fetch URLs supplied by users without any validation such as scheme checks, IP filtering, or hostname allowlisting. This flaw allows attackers to make the server request internal or protected resources, including cloud metadata endpoints, potentially leading to credential theft and internal service probing. The vulnerability is addressed in version 4.3 of the software.
Potential Impact
An attacker can exploit this SSRF vulnerability to access sensitive internal resources, including cloud metadata endpoints, which may lead to the theft of IAM credentials. The attacker can also probe internal services that are otherwise inaccessible externally. The vulnerability does not impact integrity or availability but has a high impact on confidentiality.
Mitigation Recommendations
Upgrade the oobabooga text-generation-webui to version 4.3 or later, where this SSRF vulnerability has been fixed. No other official remediation or temporary fixes are documented. Patch status is not explicitly confirmed beyond the fix in version 4.3, so users should verify the upgrade to this or a later version.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-02T20:49:44.454Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d52341aaed68159a2ec579
Added to database: 4/7/2026, 3:31:13 PM
Last enriched: 4/15/2026, 12:30:54 PM
Last updated: 5/23/2026, 8:00:46 PM
Views: 80
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.