CVE-2025-15603
Open WebUI up to version 0.6.16 is reported to contain a security issue in the JWT Key Handler, specifically in the file backend/start_windows.bat. Manipulating the WEBUI_SECRET_KEY argument can lead to insufficient randomness in keys, potentially enabling remote exploitation. Multiple connected ...