Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.12 views

CVE-2026-29071

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via /api/v1/retrieval/query/collection. Version 0.8.6 patches the issue...

4.3CVSS5.9AI score0.00253EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/27 3:35 p.m.6 views

EUVD-2026-16486

Open WebUI's Insecure Direct Object Reference IDOR allows access to other users' memories...

3.1CVSS5.9AI score0.00253EPSS
Exploits1References2
NVD
NVD
added 2026/03/27 12:16 a.m.3 views

CVE-2026-29071

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via /api/v1/retrieval/query/collection. Version 0.8.6 patches the issue...

4.3CVSS0.00253EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.21 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.6 contained a security vulnerability. This vulnerability stems from the/api/v1/retrieval/query/collection endpoint, which allows access to other users’ private...

4.3CVSS5.8AI score0.00253EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 11:54 p.m.2 views

CVE-2026-29071

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via /api/v1/retrieval/query/collection. Version 0.8.6 patches the issue...

3.1CVSS5.8AI score0.00253EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder