open-webui Latest High & Critical Vulnerabilities

Latest High & Critical vulnerabilities published by open-webui

JSON RSS CSV 🔔 Create Alert Trigger

15 May 2026

Server-Side Request Forgery in Open WebUI by Open WebUI
CVE-2026-45338
Open-webuiOpen-webui7.7HIGH
XSS Vulnerability in Open WebUI Affects Offline AI Platform
CVE-2026-44549
Open-webuiOpen-webui7.3HIGH
Stored Cross-Site Scripting in Open WebUI Banner Component
CVE-2026-45665
Open-webuiOpen-webui8.1HIGH
Directory Traversal Vulnerability in Open WebUI by Open WebUI
CVE-2026-44565
Open-webuiOpen-webui8.1HIGH
Cross-Site Scripting Vulnerability in Open WebUI by Open WebUI
CVE-2026-45314
Open-webuiOpen-webui7.4HIGH
Improper File Handling in Open WebUI Affects Audio Transcription Endpoint
CVE-2026-45315
Open-webuiOpen-webui8.7HIGH
Vulnerability in Open WebUI's Chat Completion API Allows Unauthorized Access
CVE-2026-45350
Open-webuiOpen-webui7.1HIGH
Script Injection Vulnerability in Open WebUI by Open WebUI
CVE-2026-45303
Open-webuiOpen-webui7.7HIGH
Missing Permission Check Vulnerability in Open WebUI by Open WebUI
CVE-2026-45301
Open-webuiOpen-webui8.1HIGH
Inconsistent Authorization Controls in Open WebUI Affecting User Data Management
CVE-2026-44570
Open-webuiOpen-webui8.3HIGH
IDOR Vulnerability in Open WebUI Self-Hosted AI Platform
CVE-2026-44569
Open-webuiOpen-webui7.1HIGH
File Upload Vulnerability in Open WebUI by Open WebUI
CVE-2026-44566
Open-webuiOpen-webui7.3HIGH
User Role Validation Flaw in Open WebUI AI Platform
CVE-2026-44567
Open-webuiOpen-webui7.3HIGH
Arbitrary Code Execution Vulnerability in Open WebUI by Open WebUI
CVE-2026-45672
Open-webuiOpen-webui8.8HIGH
SSRF Bypass in Open WebUI AI Platform by Open WebUI
CVE-2026-45400
Open-webuiOpen-webui8.5HIGH
Authentication Bypass in Open WebUI AI Platform by Open WebUI
CVE-2026-45402
Open-webuiOpen-webui8.1HIGH
Redirect Vulnerability in Open WebUI Affects Offline AI Platform
CVE-2026-45401
Open-webuiOpen-webui8.5HIGH
Improper Access Control in Open WebUI Affects User Knowledge Bases
CVE-2026-45398
Open-webuiOpen-webui7.5HIGH
Permission Bypass in Open WebUI Affects Tool Management Capabilities
CVE-2026-45395
Open-webuiOpen-webui7.2HIGH
Stored Cross-Site Scripting Vulnerability in Open WebUI by Open WebUI
CVE-2026-44721
Open-webuiOpen-webui7.3HIGH
LDAP Authentication Vulnerability in Open WebUI by Open WebUI
CVE-2026-44551
Open-webuiOpen-webui9.1CRITICAL
Key Collision Vulnerability in Open WebUI Artificial Intelligence Platform
CVE-2026-44552
Open-webuiOpen-webui8.7HIGH
Session Management Flaw in Open WebUI Affects Administrative Controls
CVE-2026-44553
Open-webuiOpen-webui8.1HIGH
Unauthorized Access Vulnerability in Open WebUI AI Platform
CVE-2026-44554
Open-webuiOpen-webui8.1HIGH
Access Control Flaw in Open WebUI Affecting Model Configuration
CVE-2026-44555
Open-webuiOpen-webui7.6HIGH

open-webui Latest High & Critical Vulnerabilities

Vulnerability Published:

Sort By:

15 May 2026

Server-Side Request Forgery in Open WebUI by Open WebUI

XSS Vulnerability in Open WebUI Affects Offline AI Platform

Stored Cross-Site Scripting in Open WebUI Banner Component

Directory Traversal Vulnerability in Open WebUI by Open WebUI

Cross-Site Scripting Vulnerability in Open WebUI by Open WebUI

Improper File Handling in Open WebUI Affects Audio Transcription Endpoint

Vulnerability in Open WebUI's Chat Completion API Allows Unauthorized Access

Script Injection Vulnerability in Open WebUI by Open WebUI

Missing Permission Check Vulnerability in Open WebUI by Open WebUI

Inconsistent Authorization Controls in Open WebUI Affecting User Data Management

IDOR Vulnerability in Open WebUI Self-Hosted AI Platform

File Upload Vulnerability in Open WebUI by Open WebUI

User Role Validation Flaw in Open WebUI AI Platform

Arbitrary Code Execution Vulnerability in Open WebUI by Open WebUI

SSRF Bypass in Open WebUI AI Platform by Open WebUI

Authentication Bypass in Open WebUI AI Platform by Open WebUI

Redirect Vulnerability in Open WebUI Affects Offline AI Platform

Improper Access Control in Open WebUI Affects User Knowledge Bases

Permission Bypass in Open WebUI Affects Tool Management Capabilities

Stored Cross-Site Scripting Vulnerability in Open WebUI by Open WebUI

LDAP Authentication Vulnerability in Open WebUI by Open WebUI

Key Collision Vulnerability in Open WebUI Artificial Intelligence Platform

Session Management Flaw in Open WebUI Affects Administrative Controls

Unauthorized Access Vulnerability in Open WebUI AI Platform

Access Control Flaw in Open WebUI Affecting Model Configuration