CVE-2026-59226
Open WebUI (self-hosted AI platform) contains a vulnerability in versions prior to 0.10.0 where execute_automation rehydrated automation owners without rechecking active status or feature access, and model access checks only enforced private-model grants for the exact user role. This allowed deac...