Lucene search
K

131 matches found

CVE
CVE
added 6 days ago10 views

CVE-2026-59223

Open WebUI vulnerability CVE-2026-59223 affects the WEB_FETCH_FILTER_LIST logic prior to 0.10.0, allowing path-based blocklist bypasses (e.g., !internal.example.com in a URL path) and misalignment with hostname policy for sibling-domain matches. The issue is fixed in version 0.10.0. Impact is a p...

4.3CVSS6AI score0.00223EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-59227

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.11 before 0.10.0, POST /api/v1/images/edit required only a verified account and did not enforce the global image-edit switch or the per-user image-generation permission, allowing a non-admin user to...

4.3CVSS6AI score0.00259EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/07/07 4:51 p.m.8 views

GHSA-JGX9-JR5X-MVPV Open WebUI has Blind Server Side Request Forgery in its Image Edit Functionality

Summary There is a blind server side request forgery in the functionality that allows editing an image via a prompt. The affected function will perform a GET request on the URL provided by the user. There is no restriction on the domain of the provided URL allowing the local address space to be...

4.3CVSS5.9AI score0.00227EPSS
Exploits1References3
OSV
OSV
added 2026/07/07 4:51 p.m.7 views

GHSA-VJM7-M4XH-7WRC Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages

Summary Manually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts and allow-same-origin set, ignoring the "iframe Sandbox Allow Same Origin" configuration. This enables stored XSS o...

7.3CVSS6.2AI score0.00198EPSS
Exploits1References4
Chainguard
Chainguard
added 2026/06/26 8:23 p.m.11 views

GHSA-JM82-FX9C-MX94 vulnerabilities

Vulnerabilities for packages: nemo, open-webui...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

CVE-2026-54531 vulnerabilities

Vulnerabilities for packages: open-webui...

6.9CVSS5.8AI score0.00123EPSS
Exploits0
NVD
NVD
added 2026/06/23 6:18 p.m.11 views

CVE-2026-54014

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache...

4.3CVSS0.00244EPSS
Exploits1References1
OSV
OSV
added 2026/06/23 4:51 p.m.3 views

CVE-2026-54007 Open WebUI: Cross-origin postMessage confirmation bypass via action:submit

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message listener allows non-same-origin input:prompt and action:submit messages, so an external site can set prompt text and trigger submitPrompt in an authenticated victim...

7.1CVSS6AI score0.00162EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/23 4:45 p.m.41 views

CVE-2026-54014 Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} in open-webui/open-webui

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache...

4.3CVSS0.00244EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/18 9:9 p.m.31 views

CVE-2026-54017 Open WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversal

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the terminal-server reverse proxy in backend/openwebui/routers/terminals.py does not fully confine the user-controlled path segment before forwarding it to an admin-configured termin...

7.7CVSS0.00349EPSS
Exploits0References1
OSV
OSV
added 2026/06/17 2:16 p.m.7 views

GHSA-4R4W-2WGP-W7CJ Open WebUI Prompt history IDOR: unbound history_id allows cross-prompt read and deletion

Summary Open WebUI's prompt version-history endpoints authorize the promptid in the URL but then act on caller-supplied history IDs without verifying that the history row belongs to that prompt historyentry.promptid == prompt.id. Three operations are affected: - GET...

6.4CVSS5.7AI score0.00169EPSS
Exploits1References2
OSV
OSV
added 2026/06/17 2:12 p.m.8 views

GHSA-VRHC-3FR6-PC3C Open WebUI: Forged chat-file link allows cross-user file read and deletion

Summary Open WebUI v0.9.5 lets an authenticated user attach arbitrary fileid values to their own chat message without checking whether they own or can read those files. If the attacker then shares that chat and grants themselves read access, hasaccesstofile treats the victim file as accessible...

8.3CVSS5.6AI score0.00241EPSS
Exploits1References4
OSV
OSV
added 2026/06/17 2:9 p.m.5 views

GHSA-F3G7-59QC-PQG6 Open WebUI IDOR: Calendar event re-parenting allows writing events into another user's calendar

Summary POST /api/v1/calendars/events/eventid/update validates that the caller has write access to the calendar the event currently belongs to, but does not validate the destination calendarid supplied in the request body. The model layer then persists the new calendarid unconditionally. A regula...

4.3CVSS5.4AI score0.00179EPSS
Exploits1References2
Wolfi
Wolfi
added 2026/06/15 8:35 p.m.10 views

GHSA-CJ93-CHG6-VGV8 vulnerabilities

Vulnerabilities for packages: open-webui...

5.2AI score
Exploits0
Wolfi
Wolfi
added 2026/06/15 8:35 p.m.8 views

GHSA-248M-82V9-Q6G6 vulnerabilities

Vulnerabilities for packages: open-webui...

5.2AI score
Exploits0
Circl
Circl
added 2026/06/11 7:14 p.m.12 views

CVE-2026-54022

creationtimestamp| type| source ---|---|--- 2026-06-11 19:14:16+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-8788-j68r-3cgh...

5.3CVSS5AI score0.00268EPSS
Exploits1References1
Circl
Circl
added 2026/06/11 7:9 p.m.11 views

CVE-2026-54019

creationtimestamp| type| source ---|---|--- 2026-06-11 19:09:52+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-p5cp-r7rg-qpxc...

6.5CVSS5AI score0.00281EPSS
Exploits1References1
Circl
Circl
added 2026/06/11 7:6 p.m.10 views

CVE-2026-54016

creationtimestamp| type| source ---|---|--- 2026-06-11 19:06:16+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-cx9v-4qj2-jrw6...

4.3CVSS5AI score0.00226EPSS
Exploits1References1
Circl
Circl
added 2026/06/11 7:5 p.m.11 views

CVE-2026-54015

creationtimestamp| type| source ---|---|--- 2026-06-11 19:05:34+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-4r4w-2wgp-w7cj...

6.4CVSS5AI score0.00169EPSS
Exploits1References1
Circl
Circl
added 2026/06/11 7:4 p.m.8 views

CVE-2026-54014

creationtimestamp| type| source ---|---|--- 2026-06-11 19:04:46+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-j2c8-v969-8r5c...

4.3CVSS5AI score0.00244EPSS
Exploits1References1
Rows per page
Query Builder