57 matches found
CVE-2026-29070
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an access control check is missing when deleting a file from a knowledge base. The only check being done is that the user has write access to the knowledge base or is admin,...
Open WebUI 安全漏洞
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.6 contained security vulnerabilities. These vulnerabilities stemmed from the lack of access control checks when deleting files from the knowledge base, which could...
CVE-2026-28786
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message — including th...
CVE-2026-29070
creationtimestamp| type| source ---|---|--- 2026-03-26 23:27:54+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-26gm-93rw-cchf...
PT-2026-28385
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.6 Description Open WebUI is an artificial intelligence platform designed for offline operation. A missing access control check when deleting files from a knowledge base allows a user with write access to a...
EUVD-2025-208453
A security vulnerability has been detected in open-webui up to 0.6.16. Affected is an unknown function of the file backend/startwindows.bat of the component JWT Key Handler. Such manipulation of the argument WEBUISECRETKEY leads to insufficiently random values. It is possible to launch the attack...
PT-2026-1997
Name of the Vulnerable Software and Affected Versions Open WebUI affected versions not specified Description A flaw exists in Open WebUI that allows network-adjacent attackers to disclose sensitive information. The issue stems from transmitting credentials in plaintext through an unspecified...
CVE-2025-66019 vulnerabilities
Vulnerabilities for packages: nemo, open-webui...
CVE-2025-66416 vulnerabilities
Vulnerabilities for packages: semgrep, open-webui...
open-webui is Vulnerable to Incorrect Access Control
open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API /api/tasks/stop/ directly accesses and cancels tasks without verifying user ownership, enabling attackers a normal user to stop arbitrary LLM response tasks...
EUVD-2025-38253
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.6.224 and prior contain a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in victim browsers vi...
GHSA-7F5H-V6XP-FCQ8 vulnerabilities
Vulnerabilities for packages: kserve, mlflow, open-webui, k8s-sidecar, reflex...
编号撤回
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI Open Source. This CVE number has been withdrawn...
WCMS Server-Side Request Forgery Vulnerability
WCMS is a content management system CMS that uses an open web interface to build websites. A server-side request forgery vulnerability exists in WCMS version 0.3.2. An attacker can send a specially crafted request from the web application's back-end server via the path parameter of wex/cssjs.php,...
WCMS Directory Traversal Vulnerability
WCMS is a content management system CMS that uses an open web interface to build websites. A directory traversal vulnerability exists in WCMS version 0.3.2. The vulnerability can be exploited to read arbitrary files on the server running the application via the path parameter of wex/cssjs.php...
CVE-2018-15483
An issue was discovered on KONE Group Controller KGC devices before 4.6.5. Denial of Service can occur through the open HTTP interface, aka KONE-04...
CVE-2018-15484
An issue was discovered on KONE Group Controller KGC devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01...