open-webui Summary

Latest vulnerabilities published by open-webui

JSON RSS CSV 🔔 Create Alert Trigger

5 May 2025

Stored Cross-Site Scripting in Open WebUI Affecting Chat Features
CVE-2025-46719
Open-webuiOpen-webui5.4MEDIUM
Remote Code Execution Vulnerability in Open WebUI by Open WebUI
CVE-2025-46571
Open-webuiOpen-webui5.3MEDIUM

20 March 2025

Cross-Site Scripting Flaw in Open-WebUI by Open-WebUI Team
CVE-2024-8017
Open-webuiOpen-webui/open-webui9CRITICAL
Session Fixation Vulnerability in Open-WebUI by Open-WebUI
CVE-2024-7053
Open-webuiOpen-webui/open-webui9CRITICAL
Authentication Bypass in open-webui's PDF Generation Service
CVE-2024-8053
Open-webuiOpen-webui/open-webui8.2HIGH
Remote Code Execution Vulnerability in Open-WebUI by Open-WebUI
CVE-2024-7806
Open-webuiOpen-webui/open-webui8.8HIGH
Improper Privilege Management in open-webui by open-webui
CVE-2024-7039
Open-webuiOpen-webui/open-webui8.3HIGH
Denial of Service Vulnerability in Open Web UI by Open-WebUI
CVE-2024-12534
Open-webuiOpen-webui/open-webui7.5HIGH
Arbitrary File Write in open-webui Affects User Data Management
CVE-2024-7034
Open-webuiOpen-webui/open-webui6.5MEDIUM
Improper Access Control in Open-WebUI Product by Open-WebUI Vendor
CVE-2024-7043
Open-webuiOpen-webui/open-webui8.1HIGH
Denial of Service Vulnerability in open-webui by open-webui
CVE-2024-7983
Open-webuiOpen-webui/open-webui7.5HIGH
Stored Cross-Site Scripting Vulnerability in Open-WebUI by Open-WebUI
CVE-2024-7044
Open-webuiOpen-webui/open-webui6.8MEDIUM
Improper Access Control in open-webui Affects User Data Retrieval
CVE-2024-7045
Open-webuiOpen-webui/open-webui4.3MEDIUM
Cross-Site Request Forgery Risk in Open-WebUI by Open-WebUI Team
CVE-2024-7035
Open-webuiOpen-webui/open-webui6.9MEDIUM
Denial of Service Vulnerability in Open-WebUI by Open-WebUI
CVE-2024-7036
Open-webuiOpen-webui/open-webui7.5HIGH
Arbitrary File Write Vulnerability in Open-Webui by Open-Webui Team
CVE-2024-7033
Open-webuiOpen-webui/open-webui6.5MEDIUM
Path Traversal Vulnerability in OpenWebUI Audio API
CVE-2024-8060
Open-webuiOpen-webui/open-webui8.1HIGH
Improper Access Control in Open Web UI by Open-WebUI
CVE-2024-7040
Open-webuiOpen-webui/open-webui4.9MEDIUM
Improper Access Control in Open-WebUI Affects Admin Details Visibility
CVE-2024-7046
Open-webuiOpen-webui/open-webui4.3MEDIUM
Authentication Flaw in Open-WebUI Affects Performance
CVE-2024-12537
Open-webuiOpen-webui/open-webui7.5HIGH
Server-Side Request Forgery Vulnerability in Open-WebUI by OpenAI
CVE-2024-7959
Open-webuiOpen-webui/open-webui7.7HIGH
Stored Cross-Site Scripting Vulnerability in Open-WebUI by Open-WebUI
CVE-2024-7990
Open-webuiOpen-webui/open-webui8.4HIGH

10 October 2024

Pending Role Logins Bypass Approval Process
CVE-2024-7049
Open-webuiOpen-webui/open-webui5.4MEDIUM
Improper Privilege Management Vulnerability in Open-WebUI
CVE-2024-7048
Open-webuiOpen-webui/open-webui6.3MEDIUM

9 October 2024

Vulnerability in open-webui/open-webui Allows Arbitrary File Write and Delete, Potentially Leading to Remote Code Execution
CVE-2024-7037
Open-webuiOpen-webui/open-webui6.5MEDIUM

open-webui Summary

Vulnerability Published:

Sort By:

5 May 2025

Stored Cross-Site Scripting in Open WebUI Affecting Chat Features

Remote Code Execution Vulnerability in Open WebUI by Open WebUI

20 March 2025

Cross-Site Scripting Flaw in Open-WebUI by Open-WebUI Team

Session Fixation Vulnerability in Open-WebUI by Open-WebUI

Authentication Bypass in open-webui's PDF Generation Service

Remote Code Execution Vulnerability in Open-WebUI by Open-WebUI

Improper Privilege Management in open-webui by open-webui

Denial of Service Vulnerability in Open Web UI by Open-WebUI

Arbitrary File Write in open-webui Affects User Data Management

Improper Access Control in Open-WebUI Product by Open-WebUI Vendor

Denial of Service Vulnerability in open-webui by open-webui

Stored Cross-Site Scripting Vulnerability in Open-WebUI by Open-WebUI

Improper Access Control in open-webui Affects User Data Retrieval

Cross-Site Request Forgery Risk in Open-WebUI by Open-WebUI Team

Denial of Service Vulnerability in Open-WebUI by Open-WebUI

Arbitrary File Write Vulnerability in Open-Webui by Open-Webui Team

Path Traversal Vulnerability in OpenWebUI Audio API

Improper Access Control in Open Web UI by Open-WebUI

Improper Access Control in Open-WebUI Affects Admin Details Visibility

Authentication Flaw in Open-WebUI Affects Performance

Server-Side Request Forgery Vulnerability in Open-WebUI by OpenAI

Stored Cross-Site Scripting Vulnerability in Open-WebUI by Open-WebUI

10 October 2024

Pending Role Logins Bypass Approval Process

Improper Privilege Management Vulnerability in Open-WebUI

9 October 2024

Vulnerability in open-webui/open-webui Allows Arbitrary File Write and Delete, Potentially Leading to Remote Code Execution