Description
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_template() allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the content is returned verbatim; for .yaml files a parsed key is extracted. This vulnerability is fixed in 4.3.
Published: 2026-04-07
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Confidentiality breach through unauthenticated file read
Action: Patch Immediately
AI Analysis

Impact

An unauthenticated path traversal flaw in the load_template() function of text‑generation‑webui permits an attacker to read arbitrary files on the server with .jinja, .jinja2, .yaml, or .yml extensions. When a .jinja file is requested, its entire content is returned verbatim, exposing source code or sensitive data. For .yaml files the server parses the file and returns a single extracted key, which can still reveal configuration or secrets. This vulnerability enables confidentiality compromise without affecting integrity or availability.

Affected Systems

The flaw affects the open‑source web interface for Large Language Models developed by oobabooga, specifically all releases prior to version 4.3. Users running any earlier iteration of text‑generation‑webui are exposed.

Risk and Exploitability

The CVSS score is 5.3, indicating moderate severity. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is presumptively an unauthenticated HTTP request to the load_template endpoint with a crafted file path; no authentication or privileged access is required. Given that the exploit is straightforward and the potential to read arbitrary server files exists, the risk is significant for installations that store sensitive configuration or code on the same filesystem.

Generated by OpenCVE AI on April 7, 2026 at 19:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to version 4.3 or later of text‑generation‑webui

Generated by OpenCVE AI on April 7, 2026 at 19:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 24 Apr 2026 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Oobabooga textgen
CPEs cpe:2.3:a:oobabooga:textgen:*:*:*:*:*:*:*:*
Vendors & Products Oobabooga textgen

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Oobabooga
Oobabooga text-generation-webui
Vendors & Products Oobabooga
Oobabooga text-generation-webui

Tue, 07 Apr 2026 20:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 07 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Description text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_template() allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the content is returned verbatim; for .yaml files a parsed key is extracted. This vulnerability is fixed in 4.3.
Title text-generation-webui has a Path Traversal in load_template() — .jinja/.yaml/.yml file read without authentication
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

Subscriptions

Oobabooga Text-generation-webui Textgen
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-07T17:55:20.808Z

Reserved: 2026-04-02T20:49:44.454Z

Link: CVE-2026-35483

cve-icon Vulnrichment

Updated: 2026-04-07T17:55:17.956Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-07T15:17:45.377

Modified: 2026-04-24T15:15:43.870

Link: CVE-2026-35483

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:48:42Z

Weaknesses