CVE-2026-44558

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filterallowedaccessgrants on either create or update paths. A non-admin user who can create group channels or who owns a channel can submit arbitrary...

CVE-2026-45351

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of...

EUVD-2026-30616

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:document:update Socket.IO event handler checks whether the sender is a member of the document's Socket.IO room line 678 but does not verify that the sender has write...

Open WebUI 授权问题漏洞

Open WebUI is an open-source, scalable, feature-rich, and user-friendly self-hosted WebUI. Versions of Open WebUI prior to 0.8.11 had vulnerabilities related to authorization issues, which stemmed from improper access control in tool values...

(0Day) Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of credentials provided to the endpoint. The issue results fro...

EUVD-2025-6966

Malicious code in bioql PyPI...