Vulners
Lucene search
Open WebUI < 0.9.5 Multiple Vulnerabilities
| Reporter | Title | Published | Views | Family All 27 |
|---|---|---|---|---|
 | CVE-2026-45401 | 15 May 202620:37 | – | attackerkb |
| CVE-2026-45398 | 15 May 202620:35 | – | attackerkb |
 | CVE-2026-45398 | 10 May 202619:36 | – | circl |
| CVE-2026-45401 | 10 May 202619:43 | – | circl |
 | Open WebUI 安全漏洞 | 15 May 202600:00 | – | cnnvd |
| Open WebUI 代码问题漏洞 | 15 May 202600:00 | – | cnnvd |
 | CVE-2026-45398 | 15 May 202620:35 | – | cve |
| CVE-2026-45401 | 15 May 202620:37 | – | cve |
 | CVE-2026-45398 Open WebUI: IDOR - Retrieval API Bypasses Knowledge Base Access Controls | 15 May 202620:35 | – | cvelist |
| CVE-2026-45401 Open WebUI: SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints | 15 May 202620:37 | – | cvelist |
10
| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(314912);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/20");
script_cve_id("CVE-2026-45398", "CVE-2026-45401");
script_name(english:"Open WebUI < 0.9.5 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"An AI platform running on the remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Open WebUI running on the remote host is prior to 0.9.5. It is, therefore, affected by multiple
vulnerabilities:
- An insecure direct object reference (IDOR) vulnerability in the retrieval API allows any authenticated user who
knows a private knowledge base UUID to bypass access controls and read, inject content into, or destroy another
user's knowledge base. The _validate_collection_access() function only checks user-memory-* and file-* collection
name prefixes but does not validate knowledge base collections which use raw UUIDs. (CVE-2026-45398)
- A server-side request forgery (SSRF) vulnerability exists because the validate_url() function only validates the
initial URL submitted by the caller. HTTP clients used downstream follow 3xx redirects by default without
re-validating the redirect target against the private-IP block list. Any authenticated user can submit a public URL
that redirects to an internal address and read the response. (CVE-2026-45401)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://github.com/open-webui/open-webui/security/advisories/GHSA-4g37-7p2c-38r9
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?47d441b2");
# https://github.com/open-webui/open-webui/security/advisories/GHSA-rh5x-h6pp-cjj6
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2f35f14e");
script_set_attribute(attribute:"solution", value:
"Upgrade to Open WebUI version 0.9.5 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N");
script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:P");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-45398");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2026-45401");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2026/05/10");
script_set_attribute(attribute:"patch_publication_date", value:"2026/05/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/05/15");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:openwebui:open_webui");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Artificial Intelligence");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("open_webui_web_detect.nbin");
script_require_keys("installed_sw/Open WebUI");
exit(0);
}
include('vdf.inc');
# @tvdl-content
var vuln_data = {
'metadata': {'spec_version': '1.0'},
'checks': [
{
'product': {'name': 'Open WebUI', 'type': 'app'},
'check_algorithm': 'default',
'constraints': [
{'fixed_version': '0.9.5'}
]
}
]
};
var result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:result);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 May 2026 00:00Current
5.9Medium risk
Vulners AI Score5.9
CVSS 3.18.5
EPSS0.00043
SSVC