Lucene search
K

40 matches found

EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42620

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0, executeautomation rehydrated automation owners without rechecking that they were still active or still had features.automations, and checkmodelaccess only enforced private-model grants...

3.1CVSS6AI score0.00303EPSS
Exploits0References4
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-59226 Open WebUI: Scheduled automations continue after pending-user deactivation and stored model ACL revocation

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0, executeautomation rehydrated automation owners without rechecking that they were still active or still had features.automations, and checkmodelaccess only enforced private-model grants...

3.1CVSS0.00303EPSS
Exploits0References4
CVE
CVE
added 5 days ago6 views

CVE-2026-59226

Open WebUI vulnerability CVE-2026-59226 affects versions prior to 0.10.0 of the Open WebUI platform. The issue stems from execute_automation rehydrating automation owners without rechecking that they were still active or had features.automations, and from check_model_access only enforcing private...

4.3CVSS6AI score0.00303EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-56830

Name of the Vulnerable Software and Affected Versions Open WebUI versions 0.9.0 through 0.9.x Description The execute automation function rehydrated automation owners without verifying if they remained active or retained features.automations permissions. Additionally, the check model access...

4.3CVSS6.1AI score0.00303EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/10 10:23 p.m.33 views

CVE-2026-46645 SQLAdmin: Authorization Bypass on `ajax_lookup`

SQLAdmin is a flexible Admin interface for SQLAlchemy models. Prior to version 0.25.1, the ajaxlookup endpoint in application.py bypasses the isaccessible access control check that all other endpoints enforce. If a developer restricts model access by overriding isaccessible, an authenticated user...

4.3CVSS0.00279EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.9 views

CVE-2026-44556

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS5.6AI score0.00306EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 9:17 p.m.51 views

CVE-2026-45345 Open WebUI: Missing authorization check at the model update function - models from other users can be updated

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.7, a user can modify another user's model even if its visibility is set to Private. By changing the access permissions during editing, unauthorized access can be gained. This...

6.5CVSS0.00226EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/15 9:7 p.m.7 views

CVE-2026-45365 Open WebUI: Authenticated users can bypass model access control via exposed query parameter

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypassfilter parameter is exposed on the /openai/chat/completions and /ollama/api/chat HTTP endpoints via FastAPI query string binding, allowing any authenticated...

5.4CVSS5.8AI score0.00193EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 9:7 p.m.10 views

CVE-2026-45365

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypassfilter parameter is exposed on the /openai/chat/completions and /ollama/api/chat HTTP endpoints via FastAPI query string binding, allowing any authenticated...

5.4CVSS5.8AI score0.00193EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/05/15 9:7 p.m.26 views

CVE-2026-45365

Open WebUI suffers a parameter binding flaw: an internal bypass_filter parameter was exposed in the HTTP handlers for /openai/chat/completions and /ollama/api/chat via FastAPI query binding. This allowed any authenticated user to append ?bypass_filter=true and skip the ACL check, enabling access ...

5.4CVSS5.8AI score0.00193EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/15 9:7 p.m.43 views

CVE-2026-45365 Open WebUI: Authenticated users can bypass model access control via exposed query parameter

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypassfilter parameter is exposed on the /openai/chat/completions and /ollama/api/chat HTTP endpoints via FastAPI query string binding, allowing any authenticated...

5.4CVSS0.00193EPSS
Exploits1References1
OSV
OSV
added 2026/05/15 9:7 p.m.4 views

CVE-2026-45365 Open WebUI: Authenticated users can bypass model access control via exposed query parameter

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypassfilter parameter is exposed on the /openai/chat/completions and /ollama/api/chat HTTP endpoints via FastAPI query string binding, allowing any authenticated...

5.4CVSS6.2AI score0.00193EPSS
Exploits1References3
NVD
NVD
added 2026/05/15 8:16 p.m.17 views

CVE-2026-44556

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS0.00306EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/15 7:46 p.m.9 views

CVE-2026-44556 Open WebUI: responses passthrough endpoint lacks access control authorization

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS5.9AI score0.00306EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 7:46 p.m.14 views

EUVD-2026-30624

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS6AI score0.00306EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:46 p.m.8 views

CVE-2026-44556

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS6AI score0.00306EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/15 7:46 p.m.2 views

CVE-2026-44556 Open WebUI: responses passthrough endpoint lacks access control authorization

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS6.1AI score0.00306EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/15 7:28 p.m.9 views

CVE-2026-44563 Open WebUI: Ollama Model Access Control Bypass via /api/generate, /api/embed, /api/embeddings, and /api/show

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /api/generate, /api/embed, /api/embeddings, and /api/show endpoints accept any model name from the user and forward the request to the Ollama backend without checking whether the...

5.4CVSS5.8AI score0.00238EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:28 p.m.8 views

CVE-2026-44563

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /api/generate, /api/embed, /api/embeddings, and /api/show endpoints accept any model name from the user and forward the request to the Ollama backend without checking whether the...

5.4CVSS5.8AI score0.00238EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/15 7:28 p.m.19 views

EUVD-2026-30614

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /api/generate, /api/embed, /api/embeddings, and /api/show endpoints accept any model name from the user and forward the request to the Ollama backend without checking whether the...

5.4CVSS5.8AI score0.00238EPSS
Exploits1References1
Rows per page
Query Builder