Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

open-webui — Vulnerabilities & Security Advisories 40

Browse all 40 CVE security advisories affecting open-webui. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Open-webui serves as a self-hosted, feature-rich interface for interacting with large language models, primarily enabling users to deploy and manage AI applications locally or within private networks. Its architecture, which bridges web clients with backend model services, has historically exposed it to critical vulnerabilities, including Remote Code Execution (RCE), Cross-Site Scripting (XSS), and improper access control issues. With forty recorded CVEs, the software frequently suffers from insecure direct object references and authentication bypasses, often stemming from complex integration layers between the UI and underlying model APIs. Recent incidents highlight risks related to unvalidated file uploads and session management flaws, allowing attackers to escalate privileges or execute arbitrary commands. These recurring security gaps underscore the necessity for rigorous input validation and strict permission controls when deploying open-webui in production environments, particularly given its role in handling sensitive data interactions.

Top products by open-webui: open-webui/open-webui open-webui
CVE IDTitleCVSSSeverityPublished
CVE-2026-34225 Open WebUI has Blind Server Side Request Forgery in its Image Edit Functionality — open-webuiCWE-918 4.3 Medium2026-04-14
CVE-2026-34222 Open WebUI has Broken Access Control in Tool Valves — open-webuiCWE-285 7.7 High2026-04-01
CVE-2026-29071 Open WebUI's Insecure Direct Object Reference (IDOR) allows access to other users' memories — open-webuiCWE-639 3.1 Low2026-03-26
CVE-2026-29070 Open WebUI has unauthorized deletion of knowledge files — open-webuiCWE-862 5.4 Medium2026-03-26
CVE-2026-28788 Open WebUI's process_files_batch() endpoint missing ownership check, allows unauthorized file overwrite — open-webuiCWE-639 7.1 High2026-03-26
CVE-2026-28786 Open WebUI vulnerable to Path Traversal in `POST /api/v1/audio/transcriptions` — open-webuiCWE-22 4.3 Medium2026-03-26
CVE-2026-26193 Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages — open-webuiCWE-79 7.3 High2026-02-19
CVE-2026-26192 Open WebUI vulnerable to Stored XSS via iFrame in citations model — open-webuiCWE-79 7.3 High2026-02-19
CVE-2025-65959 Open WebUI vulnerable to Stored DOM XSS via Note 'Download PDF' — open-webuiCWE-79 8.7 High2025-12-04
CVE-2025-65958 Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in /api/v1/retrieval/process/web — open-webuiCWE-918 8.5 High2025-12-04
CVE-2025-64496 Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events — open-webuiCWE-95 7.3 High2025-11-08
CVE-2025-64495 Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE — open-webuiCWE-79 8.7 High2025-11-08
CVE-2025-46719 Open WebUI vulnerable to stored XSS via unescaped markdown token in MarkdownTokens.svelte leading to full account takeover and RCE via functions — open-webuiCWE-79 8.2AIHighAI2025-05-05
CVE-2025-46571 Open WebUI vulnerable to limited stored XSS vila uploaded html file — open-webuiCWE-79 5.4AIMediumAI2025-05-05
CVE-2024-8017 Cross-site Scripting (XSS) in open-webui/open-webui — open-webui/open-webuiCWE-79 5.4 -2025-03-20
CVE-2024-7053 Session Fixation in open-webui/open-webui — open-webui/open-webuiCWE-79 8.0 -2025-03-20
CVE-2024-8053 Improper Authentication in open-webui/open-webui — open-webui/open-webuiCWE-306 9.1 -2025-03-20
CVE-2024-7806 Remote Code Execution by Non-Admin Users via CSRF in open-webui/open-webui — open-webui/open-webuiCWE-352 8.8 -2025-03-20
CVE-2024-7039 Improper Privilege Management in open-webui/open-webui — open-webui/open-webuiCWE-863 6.5 -2025-03-20
CVE-2024-12534 Denial of Service (DoS) in open-webui/open-webui — open-webui/open-webuiCWE-400 7.5 -2025-03-20
CVE-2024-7034 Remote Code Execution due to Arbitrary File Write in open-webui/open-webui — open-webui/open-webuiCWE-22 9.1 -2025-03-20
CVE-2024-7043 Improper Access Control in open-webui/open-webui — open-webui/open-webuiCWE-862 9.8 -2025-03-20
CVE-2024-7983 Denial of Service in open-webui/open-webui — open-webui/open-webuiCWE-770 7.5 -2025-03-20
CVE-2024-7044 Stored XSS in open-webui/open-webui — open-webui/open-webuiCWE-79 6.1 -2025-03-20
CVE-2024-7045 Improper Access Control in open-webui/open-webui — open-webui/open-webuiCWE-862 5.3 -2025-03-20
CVE-2024-7035 Cross-Site Request Forgery (CSRF) in open-webui/open-webui — open-webui/open-webuiCWE-352 8.1 -2025-03-20
CVE-2024-7036 Denial of Service in open-webui/open-webui — open-webui/open-webuiCWE-400 7.5 -2025-03-20
CVE-2024-7033 Arbitrary File Write in open-webui/open-webui — open-webui/open-webuiCWE-29 9.8 -2025-03-20
CVE-2024-8060 Remote Code Execution in OpenWebUI via Arbitrary File Upload — open-webui/open-webuiCWE-22 8.8 -2025-03-20
CVE-2024-7040 Improper Access Control in open-webui/open-webui — open-webui/open-webuiCWE-639 2.7 -2025-03-20

This page lists every published CVE security advisory associated with open-webui. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.