Lucene search
K

4 matches found

OSV
OSV
added 2026/06/23 4:39 p.m.3 views

CVE-2026-54021 Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access...

6.3CVSS6AI score0.0021EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/17 6:1 p.m.14 views

Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter

Summary Several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access control on these routes validates only whether the user may use the requested model, never which backend the...

6.3CVSS5.6AI score0.0021EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/17 6:1 p.m.4 views

GHSA-9RPJ-V7HF-VV2W Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter

Summary Several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access control on these routes validates only whether the user may use the requested model, never which backend the...

6.3CVSS5.7AI score0.0021EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.21 views

PT-2026-50592

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description Several direct, index-addressed Ollama proxy routes allow authenticated users to bypass backend isolation. The system accepts a caller-supplied url idx path parameter and uses it as a raw index in...

6.3CVSS5.9AI score0.0021EPSS
Exploits0References6
Rows per page
Query Builder