Product
Open WebUI Missing Authorization on Tool Update Endpoint Allows Privilege Escalation to Code Execution
2 rules 2 TTPsOpen WebUI is vulnerable to privilege escalation and code execution because a missing authorization check on the tool update endpoint allows a user with write access to a tool to replace the tool's server-side Python content and trigger execution, bypassing the intended `workspace.tools` security boundary.
Open WebUI IDOR Vulnerability in Retrieval API Allows Unauthorized Access and Modification of Knowledge Bases
2 rules 1 TTPOpen WebUI is vulnerable to an IDOR vulnerability in its Retrieval API that bypasses knowledge base access controls, allowing any authenticated user who knows a private knowledge base UUID to read, inject content into, or overwrite another user's knowledge base.
Open WebUI CORS Misconfiguration and Session Validation Vulnerability Leads to RCE
2 rules 1 TTPOpen WebUI version v0.3.10 has a CORS misconfiguration and session validation issue that can lead to remote code execution due to a one-click attack against admin users.
Open WebUI Arbitrary File Write/Delete via Path Traversal
2 rules 1 TTPOpen WebUI is vulnerable to path traversal (CVE-2026-44565), allowing attackers to upload files to arbitrary locations on the web server's filesystem and subsequently delete them due to insufficient filename sanitization in the `/ollama/models/upload` API endpoint.