Lucene search
K

9860 matches found

CVE
CVE
added 2026/05/15 7:40 p.m.42 views

CVE-2026-44560

Open WebUI (self-hosted offline AI platform) contains a vector-search access control flaw in the RAG retrieval path. In get_sources_from_items, non-full-context file/text collection paths can query the vector store without authorization, enabling extraction of content from files and knowledge bas...

6.5CVSS5.8AI score0.00366EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/05/15 7:13 p.m.16 views

EUVD-2026-30606

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile...

8CVSS5.8AI score0.0027EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:13 p.m.5 views

CVE-2026-45671

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile...

8CVSS5.8AI score0.0027EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/05/15 7:13 p.m.21 views

CVE-2026-45671

Open WebUI vulnerability CVE-2026-45671 affects the shared-chat branch in the file authorization path. The has_access_to_file() gate unconditionally returns True for shared-chat references, ignoring the requesting user identity and the operation type. This allows any authenticated user to delete ...

8CVSS5.8AI score0.0027EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.14 views

Open WebUI < 0.9.5 Multiple Vulnerabilities

The version of Open WebUI running on the remote host is prior to 0.9.5. It is, therefore, affected by multiple vulnerabilities: - An insecure direct object reference IDOR vulnerability in the retrieval API allows any authenticated user who knows a private knowledge base UUID to bypass access...

8.5CVSS5.9AI score0.00331EPSS
Exploits2References4
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.9 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 contained security vulnerabilities. These vulnerabilities stemmed from the collectionaccess verification function not checking the knowledge base collection. As ...

7.5CVSS5.8AI score0.00331EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the getsourcesfromitems function, where the execution vectors for paths containing a bare...

6.5CVSS6AI score0.00366EPSS
Exploits1References1
OSV
OSV
added 2026/05/14 8:28 p.m.7 views

GHSA-26G9-27VM-X3Q8 Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion

Summary Any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile authorization gate unconditionally grants access through its shared-chat branch. It checks neither the requesting...

8CVSS5.7AI score0.0027EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/14 8:28 p.m.9 views

Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion

Summary Any authenticated user can permanently delete files owned by other users via DELETE /api/v1/files/id when the target file is referenced in any shared chat. The hasaccesstofile authorization gate unconditionally grants access through its shared-chat branch. It checks neither the requesting...

8CVSS5.7AI score0.0027EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2026/05/14 8:27 p.m.8 views

Authorization Bypass Through User-Controlled Key

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the getfolders and processchatpayload paths in the folder and chat handling code. An attacker can read files and knowledge collections they do not have...

8.6CVSS5.8AI score0.00346EPSS
Exploits1References2
OSV
OSV
added 2026/05/14 8:27 p.m.14 views

GHSA-R472-MW7M-967F Open WebUI: Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledge-Base Attach Endpoints

Cross-User File Access via Unchecked fileid in Folder Knowledge and Knowledge-Base Attach Endpoints Summary Multiple endpoints accept a user-supplied fileid and attach the referenced file to a resource the caller controls folder knowledge, knowledge-base contents without verifying that the caller...

8.1CVSS5.8AI score0.00346EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/14 8:27 p.m.13 views

Open WebUI: Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledge-Base Attach Endpoints

Cross-User File Access via Unchecked fileid in Folder Knowledge and Knowledge-Base Attach Endpoints Summary Multiple endpoints accept a user-supplied fileid and attach the referenced file to a resource the caller controls folder knowledge, knowledge-base contents without verifying that the caller...

8.1CVSS5.8AI score0.00346EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2026/05/14 8:26 p.m.11 views

Authorization Bypass Through User-Controlled Key

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the retrieval process, specifically when validating access to knowledge base collections by UUID. An attacker can access, modify, or delete another user's...

7.7CVSS5.8AI score0.00331EPSS
Exploits1References2
OSV
OSV
added 2026/05/14 8:26 p.m.10 views

GHSA-4G37-7P2C-38R9 Open WebUI Vulnerable to IDOR: Retrieval API Bypasses Knowledge Base Access Controls

IDOR: Retrieval API Bypasses Knowledge Base Access Controls Author: Andrew Orr Summary validatecollectionaccess PR 22109 checks the user-memory- and file- collection name prefixes but does not check knowledge base collections, which use raw UUIDs as collection names. Any authenticated user who...

7.5CVSS5.9AI score0.00331EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/14 8:26 p.m.12 views

Open WebUI Vulnerable to IDOR: Retrieval API Bypasses Knowledge Base Access Controls

IDOR: Retrieval API Bypasses Knowledge Base Access Controls Author: Andrew Orr Summary validatecollectionaccess PR 22109 checks the user-memory- and file- collection name prefixes but does not check knowledge base collections, which use raw UUIDs as collection names. Any authenticated user who...

7.5CVSS5.9AI score0.00331EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.18 views

PT-2026-41193

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.12 Description An Insecure Direct Object Reference IDOR exists in the retrieval API due to insufficient validation in the validate collection access function. While the function checks specific prefixes for use...

7.5CVSS5.8AI score0.00331EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.21 views

PT-2026-41197

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description Multiple endpoints accept a user-supplied file id and attach the referenced file to a resource controlled by the caller, such as folder knowledge or knowledge-base contents, without verifying if t...

8.1CVSS5.8AI score0.00346EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.18 views

PT-2026-41201

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description An authorization bypass allows any authenticated user to permanently delete files owned by other users. This occurs when a target file is referenced in any shared chat, as the has access to file...

8CVSS5.8AI score0.0027EPSS
Exploits1References10
Microsoft Security Update
Microsoft Security Update
added 2026/05/12 5:0 p.m.18 views

2026-05 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 (KB5088863)

2026-05 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 KB5088863...

5.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/05/12 5:0 p.m.22 views

2026-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 (KB5087065)

2026-05 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 KB5087065...

5.8AI score
Exploits0
Rows per page
Query Builder