InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
GitHub

A docsify.js plugin to embed Swagger-UI to view OpenAPI docs.

If you look for a more Markdown-like approach, feel free to have a look at coolerfall's docsify-swagger plugin. This plugin is build with docsify-themeable in mind. Make sure you have it installed, ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could ...
GitHub

A fully automated OpenAPI engine for Axum with zero-config route and schema discovery.

Vespera is a fully automated OpenAPI engine for Axum — delivering a FastAPI-like developer experience to the Rust ecosystem. It automatically discovers routes, imports handlers and schemas, and ...