Lucene search
K

8 matches found

NVD
NVD
added 2026/06/23 6:18 p.m.10 views

CVE-2026-54013

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no...

7.6CVSS0.00174EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 4:46 p.m.5 views

CVE-2026-54013

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no...

7.6CVSS5.8AI score0.00174EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/23 4:46 p.m.2 views

CVE-2026-54013 Open WebUI: Stored XSS to Account Takeover via Model Profile Images in Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no...

7.6CVSS5.9AI score0.00174EPSS
Exploits1References3
OSV
OSV
added 2026/06/17 2:15 p.m.6 views

GHSA-V2QM-5WXJ-QHJ7 Open WebUI: Stored XSS to Account Takeover via Model Profile Images

Stored XSS to Account Takeover via Model Profile Images in Open WebUI Affected: Open WebUI tags. On the output side, users.py added a MIME allowlist check and X-Content-Type-Options: nosniff. The fix was applied to UserUpdateForm, UpdateProfileForm, and later to ChannelWebhookForm. Three models...

7.6CVSS5.3AI score0.00174EPSS
Exploits1References2
OSV
OSV
added 2026/06/17 2:15 p.m.6 views

GHSA-VJQM-6GCC-62CR Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion

Summary Open WebUI lets a user who can create, update, or import workspace models store arbitrary meta.knowledge entries on their model without checking whether they own or can read the referenced files. Open WebUI then treats meta.knowledge entries of type file as an authorization source in two...

7.1CVSS5.7AI score0.00198EPSS
Exploits1References2
OSV
OSV
added 2026/05/15 8:2 p.m.3 views

CVE-2026-44721 Open WebUI: Stored XSS via Model Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting XSS vulnerability that allows any authenticated user with model creation permission workspace.models to execute arbitrary JavaScript in the browser of a...

7.3CVSS7.3AI score0.00308EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/05/14 8:26 p.m.14 views

Open WebUI: Sharing models for others to use (read permission) also exposes model details (system prompt leakage)

Summary When setting model permissions so that a group has read access to it, intending for other users to use it, those users also can read the model's system prompt. However users may consider their system prompt confidential, so we consider this a security issue. Compare...

4.3CVSS5.8AI score0.0022EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2026/05/08 7:52 p.m.9 views

Missing Authorization

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Missing Authorization through the importmodels process. An attacker can overwrite existing models owned by other users, modify their configuration, and escalate access by submitting crafted payloads to the...

7.1CVSS5.8AI score0.0029EPSS
Exploits1References2
Rows per page
Query Builder