4 matches found
CVE-2026-44570
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls surrounding the memories API were inconsistent, resulting in the ability of a standard user to delete, restore, and view the contents of other users' memories...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2026-44570 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2026-44570 Source advisory: SNYK:PYTHON-OPENWEBUI-16691118...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2026-44570 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2026-44570 Source advisory: OSV:GHSA-HMJQ-CRXP-7RJW...
CVE-2026-44570
creationtimestamp| type| source ---|---|--- 2026-05-05 20:34:23+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-hmjq-crxp-7rjw 2026-05-21 00:07:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmd4spw3fu2w...