Lucene search
K

4 matches found

NVD
NVD
added 2026/06/23 6:18 p.m.9 views

CVE-2026-54013

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no...

7.6CVSS0.00174EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/23 4:46 p.m.41 views

CVE-2026-54013 Open WebUI: Stored XSS to Account Takeover via Model Profile Images in Open WebUI

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no...

7.6CVSS0.00174EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 4:46 p.m.22 views

CVE-2026-54013

CVE-2026-54013 describes a stored XSS in Open WebUI where the model profile image URL could be a data:image/svg+xml;base64 payload. The root cause is missing input validation on ModelMeta.profile_image_url and missing output protections in the model image endpoint (no MIME allowlist, no nosniff, ...

7.6CVSS5.8AI score0.00174EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.12 views

PT-2026-50485

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description Open WebUI contains a stored Cross-Site Scripting XSS issue where the platform fails to validate profile images for models. While similar issues were patched for user and webhook profile images, t...

7.6CVSS5.9AI score0.00174EPSS
Exploits1References7
Rows per page
Query Builder