Platform
python
Component
text-generation-webui
Fixed in
4.1.2
CVE-2026-35050 describes a Remote Code Execution (RCE) vulnerability discovered in text-generation-webui, an open-source web interface for Large Language Models. This flaw allows attackers to overwrite Python files within the application's root directory, potentially leading to arbitrary code execution. Versions prior to 4.1.1 are affected, and a fix is available in version 4.1.1.
The primary impact of CVE-2026-35050 is the ability for an attacker to execute arbitrary code on the server hosting the text-generation-webui application. This is achieved by saving malicious extension settings in a '.py' format and overwriting critical files, such as 'download-model.py'. When a user attempts to download a new model, the attacker's code is triggered, granting them control over the server. The blast radius extends to any data processed or stored by the webui, including potentially sensitive user data or model configurations. Successful exploitation could lead to complete system compromise and data exfiltration.
CVE-2026-35050 was publicly disclosed on 2026-04-06. There is currently no indication of active exploitation campaigns targeting this vulnerability. The vulnerability is not listed on the CISA KEV catalog. Public proof-of-concept (POC) code is likely to emerge given the ease of exploitation, increasing the risk of widespread attacks.
Exploit Status
EPSS
0.08% (23% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-35050 is to immediately upgrade text-generation-webui to version 4.1.1 or later. If upgrading is not immediately feasible, restrict write access to the application's root directory to prevent unauthorized file modifications. Consider implementing a Web Application Firewall (WAF) with rules to detect and block suspicious file uploads or modifications. Monitor system logs for unusual Python script executions or file modifications. After upgrading, confirm the fix by attempting to download a model and verifying that no unexpected code is executed.
Actualice a la versión 4.1.1 o superior para mitigar la vulnerabilidad de ejecución remota de código. Esta versión corrige el problema de recorrido de directorios que permite la sobrescritura de archivos Python y su posterior ejecución.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-35050 is a critical Remote Code Execution vulnerability in text-generation-webui versions before 4.1.1, allowing attackers to execute arbitrary code by overwriting Python files.
You are affected if you are using text-generation-webui versions prior to 4.1.1. Immediately check your version and upgrade if necessary.
Upgrade text-generation-webui to version 4.1.1 or later. As a temporary workaround, restrict write access to the application's root directory.
There is currently no confirmed active exploitation, but the ease of exploitation suggests a high risk of future attacks.
Refer to the text-generation-webui GitHub repository for the latest security advisories and updates: [https://github.com/oobabooga/text-generation-webui](https://github.com/oobabooga/text-generation-webui)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.