Lucene search
K

87212 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/15 9:7 p.m.10 views

CVE-2026-45365

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypassfilter parameter is exposed on the /openai/chat/completions and /ollama/api/chat HTTP endpoints via FastAPI query string binding, allowing any authenticated...

5.4CVSS5.8AI score0.00193EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/15 9:7 p.m.11 views

EUVD-2026-30649

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypassfilter parameter is exposed on the /openai/chat/completions and /ollama/api/chat HTTP endpoints via FastAPI query string binding, allowing any authenticated...

5.4CVSS5.8AI score0.00193EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/15 9:5 p.m.13 views

EUVD-2026-30642

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls surrounding the memories API were inconsistent, resulting in the ability of a standard user to delete, restore, and view the contents of other users' memories...

8.3CVSS5.8AI score0.00294EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/15 9:5 p.m.34 views

CVE-2026-44570 Open WebUI: Inconsistent authorization controls within memories API

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls surrounding the memories API were inconsistent, resulting in the ability of a standard user to delete, restore, and view the contents of other users' memories...

8.3CVSS0.00294EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 9:5 p.m.14 views

CVE-2026-44570

CVE-2026-44570 affects Open WebUI prior to version 0.6.19, where authorization controls around the memories API were inconsistent. A non-admin user could query, view, delete, or attempt to modify another user’s memories via endpoints such as POST /api/v1/memories/query, POST /api/v1/memories/{mem...

8.3CVSS5.8AI score0.00294EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/15 9:5 p.m.11 views

CVE-2026-44570 Open WebUI: Inconsistent authorization controls within memories API

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls surrounding the memories API were inconsistent, resulting in the ability of a standard user to delete, restore, and view the contents of other users' memories...

8.3CVSS5.8AI score0.00294EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 8:59 p.m.7 views

CVE-2026-44567

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not properly validate that the user has an authorized user role of user. By default, when Open WebUI is configured with new sign-ups enabled, the default user role is...

7.3CVSS5.8AI score0.0023EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/15 8:59 p.m.15 views

EUVD-2026-30643

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not properly validate that the user has an authorized user role of user. By default, when Open WebUI is configured with new sign-ups enabled, the default user role is...

7.3CVSS5.8AI score0.0023EPSS
Exploits1References1
NVD
NVD
added 2026/05/15 8:16 p.m.20 views

CVE-2026-45675

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, lin...

8.1CVSS0.00354EPSS
Exploits1References3
NVD
NVD
added 2026/05/15 8:16 p.m.18 views

CVE-2026-44558

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filterallowedaccessgrants on either create or update paths. A non-admin user who can create group channels or who owns a channel can submit arbitrary...

5.4CVSS0.0019EPSS
Exploits1References1
NVD
NVD
added 2026/05/15 8:16 p.m.33 views

CVE-2026-44553

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

8.1CVSS0.00284EPSS
Exploits1References1
NVD
NVD
added 2026/05/15 8:16 p.m.26 views

CVE-2026-44555

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI supports model composition via basemodelid: a user-defined model e.g., "Cheap Assistant" can reference an existing base model e.g., "gpt-4-turbo-restricted" that provides...

7.6CVSS0.00248EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/15 7:54 p.m.44 views

CVE-2026-44553 Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User Note Access

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

8.1CVSS0.00284EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 7:54 p.m.21 views

CVE-2026-44553

Open WebUI (self-hosted offline AI) has a Socket.IO session cache vulnerability where admin role changes or user deletions are not propagated to active sessions. Prior to version 0.9.0, a user whose admin role was revoked can retain admin privileges within their existing Socket.IO session as long...

8.1CVSS5.8AI score0.00284EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/15 7:54 p.m.7 views

CVE-2026-44553 Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User Note Access

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

8.1CVSS5.8AI score0.00284EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:54 p.m.5 views

CVE-2026-44553

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

8.1CVSS5.8AI score0.00284EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/15 7:54 p.m.18 views

EUVD-2026-30615

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

8.1CVSS5.7AI score0.00284EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:48 p.m.9 views

CVE-2026-44555

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI supports model composition via basemodelid: a user-defined model e.g., "Cheap Assistant" can reference an existing base model e.g., "gpt-4-turbo-restricted" that provides...

7.6CVSS5.9AI score0.00248EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/05/15 7:48 p.m.27 views

CVE-2026-44555

Open WebUI (self-hosted AI platform) has a vulnerability where a model created with base_model_id can chain to a restricted base model without validating access to that base model. Before 0.9.0, during model creation, the system does not verify the creator’s permission on the referenced base mode...

7.6CVSS5.9AI score0.00248EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/15 7:43 p.m.37 views

CVE-2026-44558 Open WebUI: Channel Access Grants Bypass filter_allowed_access_grants

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filterallowedaccessgrants on either create or update paths. A non-admin user who can create group channels or who owns a channel can submit arbitrary...

5.4CVSS0.0019EPSS
Exploits1References1
Rows per page
Query Builder