CVE-2025-29446
CVE-2025-29446 is associated with Open WebUI 0.5.16, where the SSRF vulnerability resides in routers/ollama.py, function verify_connection. Red Hat’s advisory and Snyk report confirm a Server-Side Request Forgery vulnerability affecting this version and advise upgrading to Open WebUI >= 0.6.34...