open-webui vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.


CVE / GHSA ID | Severity | Package | Summary
CVE-2026-54022 | Medium | open-webui | Open WebUI: Any authenticated user can read other users' private notes via Socket.IO
CVE-2026-54021 | Medium | open-webui | Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded…
CVE-2026-54019 | Medium | open-webui | Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode
CVE-2026-54018 | High | open-webui | Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects
CVE-2026-54017 | High | open-webui | Open WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversal
CVE-2026-54016 | Medium | open-webui | Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration
CVE-2026-54015 | Medium | open-webui | Open WebUI Prompt history IDOR: unbound history_id allows cross-prompt read and deletion
CVE-2026-54014 | Medium | open-webui | Open WebUI: Sibling-Prefix Path Traversal via /cache/{path}
CVE-2026-54013 | High | open-webui | Open WebUI: Stored XSS to Account Takeover via Model Profile Images
CVE-2026-54012 | High | open-webui | Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion
CVE-2026-54011 | High | open-webui | Open WebUI: Stored XSS in Mermaid Markdown Preview
CVE-2026-54010 | High | open-webui | Open WebUI: Forged chat-file link allows cross-user file read and deletion
CVE-2026-54009 | Medium | open-webui | Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field
CVE-2026-54008 | High | open-webui | Open WebUI: Redirect-Bypass SSRF in OAuth `_process_picture_url` (incomplete-fix sibling of…
CVE-2026-54007 | High | open-webui | Open WebUI: Cross-origin postMessage confirmation bypass via action:submit
CVE-2026-54006 | Medium | open-webui | Open WebUI IDOR: Calendar event re-parenting allows writing events into another user's calendar
CVE-2026-45675 | High | open-webui | Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts
CVE-2026-45672 | High | open-webui | Open WebUI: Jupyter code execution works despite `ENABLE_CODE_EXECUTION=false` — feature gate…
CVE-2026-45671 | High | open-webui | Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion
CVE-2026-45667 | Medium | open-webui | Open WebUI: Unauthenticated endpoint can trigger embedding generation (cost/DoS)
CVE-2026-45666 | Medium | open-webui | Open WebUI has an Indirect Object Reference (IDOR) in user notes
CVE-2026-45665 | High | open-webui | Open WebUI has Stored XSS in Banner Component via Improper Sanitization Order
CVE-2026-45402 | High | open-webui | Open WebUI: Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledge-Base…
GHSA-3WGJ-C2HG-VM6Q | High | open-webui | Open WebUI vulnerable to stored XSS via OAuth picture claim stored as SVG data URI in…
CVE-2026-45401 | High | open-webui | Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not…
