Lucene search
K

74 matches found

EUVD
EUVD
added 2026/05/15 8:36 p.m.17 views

EUVD-2026-30632

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, Pin/Unpin is a write operation modifies the message's ispinned , pinnedby, pinnedat fields, but in standard channels it only checks read permission, allowing users with read-only...

4.3CVSS5.8AI score0.00204EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 8:33 p.m.18 views

EUVD-2026-30630

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the POST /api/v1/evaluations/feedback endpoint in Open WebUI v0.9.2 is vulnerable to mass assignment via FeedbackForm, which uses modelconfig = ConfigDictextra='allow'. Due to an...

5.4CVSS5.9AI score0.00307EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 8:33 p.m.14 views

EUVD-2026-30627

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been...

7.2CVSS6.2AI score0.00437EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 8:32 p.m.6 views

CVE-2026-45387

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, when setting model permissions so that a group has read access to it, intending for other users to use it, those users also can read the model's system prompt. However users may...

4.3CVSS5.8AI score0.0022EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/05/15 8:16 p.m.14 views

CVE-2026-45349

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key generated in OWUI and the Chat ID of another user to continue the conversation of the other...

7.1CVSS0.00231EPSS
Exploits1References1
NVD
NVD
added 2026/05/15 8:16 p.m.44 views

CVE-2026-45399

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks across the system and stop tasks belonging to other users via the GET /api/tasks and POST...

7.1CVSS0.0027EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 8:2 p.m.16 views

EUVD-2026-30625

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting XSS vulnerability that allows any authenticated user with model creation permission workspace.models to execute arbitrary JavaScript in the browser of a...

7.3CVSS7.3AI score0.00308EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:57 p.m.7 views

CVE-2026-44552

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the toolservers and terminalservers keys in utils/tools.py do use a prefix. When two or more Open WebUI instances share a Redis database a supported and documented deployment pattern...

8.7CVSS5.8AI score0.00305EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/15 7:57 p.m.15 views

EUVD-2026-30609

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the toolservers and terminalservers keys in utils/tools.py do use a prefix. When two or more Open WebUI instances share a Redis database a supported and documented deployment pattern...

8.7CVSS5.8AI score0.00305EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 7:49 p.m.17 views

EUVD-2026-30622

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/retrieval/process/web endpoint accepts a user-supplied collectionname and an overwrite query parameter default: True. It performs no authorization check on whether t...

8.1CVSS5.8AI score0.00295EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:49 p.m.8 views

CVE-2026-44554

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/retrieval/process/web endpoint accepts a user-supplied collectionname and an overwrite query parameter default: True. It performs no authorization check on whether t...

8.1CVSS5.8AI score0.00295EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/05/15 7:49 p.m.35 views

CVE-2026-44554

Open WebUI (self-hosted AI) vulnerability: the POST /api/v1/retrieval/process/web endpoint accepts a user-controlled collection_name with overwrite defaulting to True, and performs no authorization check to verify write access. When overwrite is True, save_docs_to_vector_db calls VECTOR_DB_CLIENT...

8.1CVSS5.8AI score0.00295EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/05/15 7:46 p.m.14 views

EUVD-2026-30624

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS6AI score0.00306EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:46 p.m.8 views

CVE-2026-44556

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS6AI score0.00306EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/15 7:44 p.m.21 views

CVE-2026-44557

Open WebUI before v0.9.0 is vulnerable to global knowledge-base enumeration through the retrieval query endpoints. The _validate_collection_access function uses an incomplete allowlist that only enforces ownership for collections starting with user-memory- or file-, allowing any authenticated use...

4.3CVSS5.8AI score0.00221EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/05/15 7:44 p.m.14 views

EUVD-2026-30620

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the validatecollectionaccess function uses an incomplete allowlist that only enforces ownership checks for collections matching user-memory- and file- patterns. All other collection...

4.3CVSS5.8AI score0.00221EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 7:34 p.m.17 views

EUVD-2026-30619

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the isuserchannelmember function checks whether a ChannelMember row exists but does not check the isactive field. When a user is deactivated from a group or DM channel removed by the...

5.4CVSS5.8AI score0.00178EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 7:22 p.m.33 views

EUVD-2026-30611

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validateurl in backend/openwebui/retrieval/web/utils.py calls validators.ipv6ip, private=True, but the validators library does NOT implement the private keyword for IPv6 — the call...

8.5CVSS5.8AI score0.00286EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:21 p.m.7 views

CVE-2026-45339

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI allows admins to restrict which API endpoints an API key can access. When an API key is restricted from /api/v1/messages, requests using the Authorization: Bearer sk-...

6.5CVSS5.8AI score0.00309EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/15 7:21 p.m.18 views

EUVD-2026-30612

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI allows admins to restrict which API endpoints an API key can access. When an API key is restricted from /api/v1/messages, requests using the Authorization: Bearer sk-...

6.5CVSS5.8AI score0.00309EPSS
Exploits1References1
Rows per page
Query Builder