13 matches found
CVE-2026-54022
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the ydoc:document:join Socket.IO handler checks note ownership only when the document_id starts with the note: prefix. However, the YdocManager storage layer normalizes all document IDs b...
Open WebUI: Any authenticated user can read other users' private notes via Socket.IO
Summary The ydoc:document:join Socket.IO handler checks note ownership only when the document_id starts with the note: prefix. However, the YdocManager storage layer normalizes all document IDs by replacing colons with underscores (document_id.replace(":", "_")). An attacker can join a document room using no...
PT-2026-50593
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.11 Description An authorization bypass exists in the ydoc:document:join Socket.IO handler. The handler only performs ownership checks when the document_id variable starts with the note: prefix. However, t...
CVE-2026-44564
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:document:update Socket.IO event handler checks whether the sender is a member of the document's Socket.IO room (line 678) but does not verify that the sender has write...
CVE-2026-44564
Open WebUI (self-hosted offline AI platform) contains a vulnerability in the ydoc:document:update Socket.IO handler that allows read-only users to modify in-memory Yjs documents. The handler validates room membership but does not verify write permission, and read-only users join the document room...
EUVD-2026-30616
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:document:update Socket.IO event handler checks whether the sender is a member of the document's Socket.IO room (line 678) but does not verify that the sender has write...
Open WebUI security vulnerability
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI based on the open-source Open WebUI framework. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the ydoc:document:update Socket.IO event handler, which checke...
GHSA-VRFH-RJ4Q-RMHR Read-Only Open WebUI Users Can Modify Collaborative Documents via Socket.IO
Read-Only Users Can Modify Collaborative Documents via Socket.IO Affected Component Socket.IO collaborative document editing handler: - backend/openwebui/socket/main.py lines 667-721, ydoc:document:update handler Affected Versions Current main branch and likely all versions with collaborative not...
OPENSUSE-SU-2026:10428-1 python311-jupyter-ydoc-3.4.0-2.1 on GA media
These are all security issues fixed in the python311-jupyter-ydoc-3.4.0-2.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15273-1 python311-jupyter-ydoc-3.1.0-1.1 on GA media
These are all security issues fixed in the python311-jupyter-ydoc-3.1.0-1.1 package on the GA media of openSUSE Tumbleweed...
python310-jupyter-ydoc-3.0.0-2.1 on GA media (moderate)
python310-jupyter-ydoc-3.0.0-2.1 on GA media Announcement ID: openSUSE-SU-2024:14559-1 Rating: moderate Cross-References: CVE-2024-21538 CVSS scores: CVE-2024-21538 SUSE : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2024-21538 SUSE : 5.6...
OPENSUSE-SU-2024:14559-1 python310-jupyter-ydoc-3.0.0-2.1 on GA media
These are all security issues fixed in the python310-jupyter-ydoc-3.0.0-2.1 package on the GA media of openSUSE Tumbleweed...