Product
Open WebUI SSRF Vulnerability via URL Parsing Discrepancy (CVE-2026-45400)
2 rules 1 TTP
Open WebUI versions 0.9.4 and earlier are vulnerable to Server-Side Request Forgery (SSRF) due to a parsing difference between the urlparse and requests libraries in the `validate_url` function, allowing attackers to bypass URL validation and make requests to internal IP addresses.
Open WebUI Stored XSS Vulnerability via OAuth Profile Picture
2 rules 1 TTP 2 CVEs 3 IOCs
Open WebUI is vulnerable to stored cross-site scripting (XSS) via OAuth profile picture handling, allowing an attacker to inject malicious SVG code and potentially take over user accounts by exfiltrating JWT tokens.
Open WebUI Cross-User File Access Vulnerability (CVE-2026-45402)
2 rules 4 TTPs
Open WebUI is vulnerable to cross-user file access due to unchecked `file_id` in Folder Knowledge and Knowledge-Base Attach Endpoints, allowing authenticated users to exfiltrate or overwrite other users' private files given the file UUID (CVE-2026-45402).