Lucene search
K

6 matches found

NVD
NVD
added 2026/06/23 6:18 p.m.10 views

CVE-2026-54021

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access...

6.3CVSS0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 4:39 p.m.43 views

CVE-2026-54021 Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access...

6.3CVSS0.0021EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 4:39 p.m.3 views

CVE-2026-54021 Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access...

6.3CVSS6AI score0.0021EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 4:39 p.m.24 views

CVE-2026-54021

Summary: Open WebUI prior to 0.9.6 allows any authenticated user to direct requests to arbitrary Ollama backends by appending a caller-supplied url_idx, bypassing backend-level isolation and possibly reaching restricted or disabled backends. The issue arises on index-addressed Ollama proxy routes...

6.3CVSS6AI score0.0021EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/17 6:1 p.m.14 views

Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter

Summary Several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access control on these routes validates only whether the user may use the requested model, never which backend the...

6.3CVSS5.6AI score0.0021EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/17 6:1 p.m.5 views

GHSA-9RPJ-V7HF-VV2W Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter

Summary Several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access control on these routes validates only whether the user may use the requested model, never which backend the...

6.3CVSS5.7AI score0.0021EPSS
Exploits0References2
Rows per page
Query Builder