8 matches found
CVE-2026-44557
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the validatecollectionaccess function uses an incomplete allowlist that only enforces ownership checks for collections matching user-memory- and file- patterns. All other collection...
CVE-2026-44557
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the validatecollectionaccess function uses an incomplete allowlist that only enforces ownership checks for collections matching user-memory- and file- patterns. All other collection...
CVE-2026-44557
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the validatecollectionaccess function uses an incomplete allowlist that only enforces ownership checks for collections matching user-memory- and file- patterns. All other collection...
CVE-2026-44557 Open WebUI: Global Knowledge Base Enumeration via knowledge-bases Meta-Collection
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the validatecollectionaccess function uses an incomplete allowlist that only enforces ownership checks for collections matching user-memory- and file- patterns. All other collection...
CVE-2026-44557 Open WebUI: Global Knowledge Base Enumeration via knowledge-bases Meta-Collection
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the validatecollectionaccess function uses an incomplete allowlist that only enforces ownership checks for collections matching user-memory- and file- patterns. All other collection...
CVE-2026-44557
Open WebUI before v0.9.0 is vulnerable to global knowledge-base enumeration through the retrieval query endpoints. The _validate_collection_access function uses an incomplete allowlist that only enforces ownership for collections starting with user-memory- or file-, allowing any authenticated use...
GHSA-6C2X-GCP3-GP73 Open WebUI vulnerable to Global Knowledge Base Enumeration via knowledge-bases Meta-Collection
Global Knowledge Base Enumeration via knowledge-bases Meta-Collection Affected Component Retrieval collection access validation: - backend/openwebui/routers/retrieval.py lines 2330-2355, validatecollectionaccess - backend/openwebui/routers/retrieval.py query endpoints, e.g. POST /query/doc Affect...
PT-2026-39274
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description The validate collection access function employs an incomplete allowlist that only verifies ownership for collections starting with user-memory- and file-. Other collection names, such as the...