Vendor
high
advisory
Open WebUI IDOR Vulnerability in Retrieval API Allows Unauthorized Access and Modification of Knowledge Bases
2 rules 1 TTPOpen WebUI is vulnerable to an IDOR vulnerability in its Retrieval API that bypasses knowledge base access controls, allowing any authenticated user who knows a private knowledge base UUID to read, inject content into, or overwrite another user's knowledge base.
Open WebUI
idor
authorization_bypass
data_manipulation
2r
1t
high
advisory
Open WebUI LDAP/OAuth Race Condition Allows Multiple Admin Accounts (CVE-2026-45675)
2 rules 1 TTPOpen WebUI versions 0.8.12 and earlier are vulnerable to a time-of-check-time-of-use (TOCTOU) race condition in the LDAP and OAuth authentication flows, allowing multiple concurrent requests on a fresh instance to bypass the first-user admin role assignment and resulting in multiple admin accounts (CVE-2026-45675).
open-webui
privilege-escalation
time-of-check-time-of-use
race-condition
cve-2026-45675
cloud
2r
1t