CVE-2026-45331
CVE-2026-45331 concerns Open WebUI’s validate_url() in backend/open_webui/retrieval/web/utils.py, where a call to validators.ipv6(ip, private=True) raises a ValidationError due to the library not implementing the private keyword for IPv6. This causes IPv6 addresses to bypass the intended filter, ...