Tag
Open WebUI SSRF Vulnerability via URL Parsing Discrepancy (CVE-2026-45400)
2 rules, 1 TTP
Open WebUI versions 0.9.4 and earlier are vulnerable to Server-Side Request Forgery (SSRF) due to a parsing difference between the urlparse and requests libraries in the `validate_url` function, allowing attackers to bypass URL validation and make requests to internal IP addresses.
Open WebUI Stored XSS Vulnerability via OAuth Profile Picture
2 rules, 1 TTP, 2 CVEs, 3 IOCs
Open WebUI is vulnerable to stored cross-site scripting (XSS) via OAuth profile picture handling, allowing an attacker to inject malicious SVG code and potentially take over user accounts by exfiltrating JWT tokens.
Open WebUI Cross-User File Access Vulnerability (CVE-2026-45402)
2 rules, 4 TTPs
Open WebUI is vulnerable to cross-user file access due to an unchecked file_id in the Folder Knowledge and Knowledge-Base Attach endpoints, allowing authenticated users to exfiltrate or overwrite other users' private files given the file UUID (CVE-2026-45402).
Open WebUI Broken Access Control Allows Unauthorized Access to Conversations (CVE-2026-45349)
2 rules, 1 TTP
Open WebUI versions 0.8.12 and earlier are vulnerable to CVE-2026-45349, a broken access control issue where any user can continue the conversation of another user if they know the Chat ID, by using the /api/chat/completions endpoint with their own API key, allowing unauthorized access to private conversations and information.
Open WebUI CORS Misconfiguration and Session Validation Vulnerability Leads to RCE
2 rules, 1 TTP
Open WebUI version v0.3.10 has a CORS misconfiguration and session validation issue that can lead to remote code execution through a one-click attack against admin users.
Open WebUI LDAP Empty Password Authentication Bypass
2 rules, 1 TTP
Open WebUI is vulnerable to an LDAP authentication bypass: the LDAP authentication endpoint does not validate that the submitted password is non-empty before performing a Simple Bind against the LDAP server, potentially granting attackers complete account access.
Open WebUI Cross-Instance Cache Poisoning Vulnerability
2 rules, 2 TTPs
Open WebUI versions up to 0.8.12 are vulnerable to cross-instance cache poisoning when multiple instances share a Redis backend, allowing an attacker with admin access on one instance to overwrite cache values used by other instances, leading to data exfiltration and prompt injection attacks.
Open WebUI Model Chaining Access Control Bypass
2 rules, 2 TTPs
Open WebUI is vulnerable to an access control bypass due to improper model chaining, allowing a regular user to create a model that chains to a restricted base model and query it using the admin's API key, bypassing access restrictions.