CVE-2026-5803 | bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c API Proxy Endpoint server.js Query server-side request forgery

A vulnerability marked as critical has been reported in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c. The affected element is an unknown function of the file server.js of the component API Proxy Endpoint. Performing a manipulation of the argument Query results in server-side request forgery.

This vulnerability is identified as CVE-2026-5803. The attack can be initiated remotely. Additionally, an exploit exists.

Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. It is suggested to install a patch to address this issue.

CVE-2026-5803 | bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c API Proxy Endpoint server.js Query server-side request forgery

Post correlati

CVE-2024-1935 | RafflePress Giveaways and Contests Plugin up to 1.12.5 on WordPress cross site scripting

CVE-2025-13453 | Lenovo ThinkPlus TSD303 USB Drive missing encryption

CVE-2024-1273 | Starbox Plugin up to 3.4.x on WordPress cross site scripting

CVE-2024-22830 | Anti-Cheat Expert Kernel Module 1.0.2202.6217 on Windows ACE-BASE.sys access control