122 matches found
GHSA-JM82-FX9C-MX94 vulnerabilities
Vulnerabilities for packages: open-webui...
CVE-2026-54531 vulnerabilities
Vulnerabilities for packages: open-webui...
CVE-2026-54014
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache...
CVE-2026-54014 Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} in open-webui/open-webui
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache...
CVE-2026-54017 Open WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversal
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the terminal-server reverse proxy in backend/openwebui/routers/terminals.py does not fully confine the user-controlled path segment before forwarding it to an admin-configured termin...
GHSA-CJ93-CHG6-VGV8 vulnerabilities
Vulnerabilities for packages: open-webui...
GHSA-248M-82V9-Q6G6 vulnerabilities
Vulnerabilities for packages: open-webui...
CVE-2026-54022
creationtimestamp| type| source ---|---|--- 2026-06-11 19:14:16+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-8788-j68r-3cgh...
CVE-2026-54019
creationtimestamp| type| source ---|---|--- 2026-06-11 19:09:52+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-p5cp-r7rg-qpxc...
CVE-2026-54016
creationtimestamp| type| source ---|---|--- 2026-06-11 19:06:16+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-cx9v-4qj2-jrw6...
CVE-2026-54015
creationtimestamp| type| source ---|---|--- 2026-06-11 19:05:34+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-4r4w-2wgp-w7cj...
CVE-2026-54014
creationtimestamp| type| source ---|---|--- 2026-06-11 19:04:46+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-j2c8-v969-8r5c...
CVE-2026-54013
creationtimestamp| type| source ---|---|--- 2026-06-11 19:02:12+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-v2qm-5wxj-qhj7...
CVE-2026-54012
creationtimestamp| type| source ---|---|--- 2026-06-11 18:58:16+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-vjqm-6gcc-62cr...
CVE-2026-54008
creationtimestamp| type| source ---|---|--- 2026-06-11 18:56:45+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-226f-f24g-524w...
CVE-2026-54006
creationtimestamp| type| source ---|---|--- 2026-06-11 18:55:57+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-f3g7-59qc-pqg6...
GHSA-62Q4-447F-WV8H vulnerabilities
Vulnerabilities for packages: open-webui...
CVE-2026-45365
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypassfilter parameter is exposed on the /openai/chat/completions and /ollama/api/chat HTTP endpoints via FastAPI query string binding, allowing any authenticated...
CVE-2026-45351
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of...
CVE-2026-45338
Open WebUI CVE-2026-45338 describes an SSRF in _process_picture_url() (oauth.py) where the server fetches URLs from OAuth picture claims without validate_url(), enabling requests to internal resources and exfiltration of the full response. Affected software before the fix: Open WebUI prior to ver...