GHSA-g2mr-jcjh-hmc7
GitHub Security Advisory
⚠ Unreviewed
MODERATE
Has CVE
Advisory Details
parisneo/lollms-webui is vulnerable to a denial of service (DoS) attack due to uncontrolled resource consumption. Attackers can exploit the `/open_code_in_vs_code` and similar endpoints without authentication by sending repeated HTTP POST requests, leading to the opening of Visual Studio Code or the default folder opener (e.g., File Explorer, xdg-open) multiple times. This can render the host machine unusable by exhausting system resources. The vulnerability is present in the latest version of the software.
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: July 6, 2025 6:30 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.