CVE-2026-35486: CWE-918: Server-Side Request Forgery (SSRF) in oobabooga text-generation-webui
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, he superbooga and superboogav2 RAG extensions fetch user-supplied URLs via requests.get() with zero validation — no scheme check, no IP filtering, no hostname allowlist. An attacker can access cloud metadata endpoints, steal IAM credentials, and probe internal services. The fetched content is exfiltrated through the RAG pipeline. This vulnerability is fixed in 4.3.
AI Analysis
Technical Summary
The oobabooga text-generation-webui versions before 4.3 contain an SSRF vulnerability (CWE-918) in the superbooga and superboogav2 RAG extensions. These extensions use requests.get() to fetch URLs supplied by users without any validation, such as scheme checks, IP filtering, or hostname allowlisting. This lack of validation enables attackers to make unauthorized requests to internal services, including cloud metadata endpoints, which can lead to credential theft and internal network reconnaissance. The vulnerability is addressed in version 4.3 of the product.
Potential Impact
An attacker can exploit this SSRF vulnerability to access sensitive internal resources, including cloud metadata endpoints, which may result in the theft of IAM credentials. This can lead to unauthorized access to cloud services and internal systems. The vulnerability does not impact integrity or availability directly but has a high confidentiality impact as indicated by the CVSS vector (C:H/I:N/A:N).
Mitigation Recommendations
Upgrade to version 4.3 or later of the oobabooga text-generation-webui, where this SSRF vulnerability has been fixed. Since no official patch link or vendor advisory is provided, users should verify the upgrade from the official project repository or release notes. Patch status is not yet confirmed by a vendor advisory; check the vendor's official channels for the latest remediation guidance.
CVE-2026-35486: CWE-918: Server-Side Request Forgery (SSRF) in oobabooga text-generation-webui
Description
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, he superbooga and superboogav2 RAG extensions fetch user-supplied URLs via requests.get() with zero validation — no scheme check, no IP filtering, no hostname allowlist. An attacker can access cloud metadata endpoints, steal IAM credentials, and probe internal services. The fetched content is exfiltrated through the RAG pipeline. This vulnerability is fixed in 4.3.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The oobabooga text-generation-webui versions before 4.3 contain an SSRF vulnerability (CWE-918) in the superbooga and superboogav2 RAG extensions. These extensions use requests.get() to fetch URLs supplied by users without any validation, such as scheme checks, IP filtering, or hostname allowlisting. This lack of validation enables attackers to make unauthorized requests to internal services, including cloud metadata endpoints, which can lead to credential theft and internal network reconnaissance. The vulnerability is addressed in version 4.3 of the product.
Potential Impact
An attacker can exploit this SSRF vulnerability to access sensitive internal resources, including cloud metadata endpoints, which may result in the theft of IAM credentials. This can lead to unauthorized access to cloud services and internal systems. The vulnerability does not impact integrity or availability directly but has a high confidentiality impact as indicated by the CVSS vector (C:H/I:N/A:N).
Mitigation Recommendations
Upgrade to version 4.3 or later of the oobabooga text-generation-webui, where this SSRF vulnerability has been fixed. Since no official patch link or vendor advisory is provided, users should verify the upgrade from the official project repository or release notes. Patch status is not yet confirmed by a vendor advisory; check the vendor's official channels for the latest remediation guidance.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-02T20:49:44.454Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d52341aaed68159a2ec579
Added to database: 4/7/2026, 3:31:13 PM
Last enriched: 4/7/2026, 3:46:43 PM
Last updated: 4/7/2026, 11:59:37 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.