{"data":{"id":"99da37bc-be5c-4ba2-b79c-ea1bb74e1a65","title":"CVE-2026-4993: A vulnerability has been found in wandb OpenUI up to 0.0.0.0/1.0. This impacts an unknown function of the file backend/o","summary":"A vulnerability (CVE-2026-4993) was found in wandb OpenUI up to version 1.0 where manipulating the LITELLM_MASTER_KEY argument in the backend/openui/config.py file can expose hard-coded credentials (passwords stored directly in the code). This vulnerability requires local access to exploit and has already been publicly disclosed, though the vendor did not respond to early notification.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-4993","publishedAt":"2026-03-28T10:16:31.853Z","cveId":"CVE-2026-4993","cweIds":["CWE-259","CWE-798"],"cvssScore":"3.3","cvssSeverity":"low","severity":"low","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["wandb","LiteLLM"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","attackVector":"local","attackComplexity":"low","privilegesRequired":"low","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-03-28T10:16:31.853Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}