CPE

Cpe:2.3:a:openwebui:open_webui:0.6.41:::::::*

1 brief RSS

Open WebUI Broken Authorization Allows Task Cancellation

Open WebUI is vulnerable to broken object-level authorization, allowing low-privilege authenticated users to enumerate and stop global background tasks across the system, leading to a denial-of-service condition and is tracked as CVE-2026-45399 and CVE-2025-63681.

open-webui authorization denial-of-service cve-2026-45399

2r 1t 1c 47m ago

Cpe:2.3:a:openwebui:open_webui:0.6.41:*:*:*:*:*:*:*

Open WebUI Broken Authorization Allows Task Cancellation

Cpe:2.3:a:openwebui:open_webui:0.6.41:::::::*