CVE-2026-33340P1CRITICALCVSS 9.1PoC≤ 8c5dcef63d847bb3d027ec74915d8fe4afd3014e2026-03-24
CVE-2026-33340 [CRITICAL] CWE-306 CVE-2026-33340: LoLLMs WEBUI provides the Web user interface for Lord of Large Language and Multi modal Systems. A c
LoLLMs WEBUI provides the Web user interface for Lord of Large Language and Multi modal Systems. A critical Server-Side Request Forgery (SSRF) vulnerability has been identified in all known existing versions of `lollms-webui`. The `@router.post("/api/proxy")` endpoint allows unauthenticated attackers to force the server into making arbitrary GET r
nvd