Every CVE whose affected-product data names Openwebui Open Webui, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (120)
CVE-2026-44551 — CVSS 9.1 (critical): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP authentication…
CVE-2024-7053 — CVSS 9.0 (critical): A vulnerability in open-webui/open-webui version 0.3.8 allows an attacker with a user-level account to perform a session fixation attack…
CVE-2024-8017 — CVSS 9.0 (critical): An XSS vulnerability exists in open-webui/open-webui versions <= 0.3.8, specifically in the function that constructs the HTML for tooltips…
CVE-2024-7044 — CVSS 8.9 (high): A Stored Cross-Site Scripting (XSS) vulnerability exists in the chat file upload functionality of open-webui/open-webui version 0.3.8. An…
CVE-2024-7043 — CVSS 8.8 (high): An improper access control vulnerability in open-webui/open-webui v0.3.8 allows attackers to view and delete any files. The application…
CVE-2024-6707 — CVSS 8.8 (high): Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.
CVE-2026-0766 — CVSS 8.8 (high): Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…
CVE-2026-0765 — CVSS 8.8 (high): Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote…
CVE-2024-7806 — CVSS 8.8 (high): A vulnerability in open-webui/open-webui versions <= 0.3.8 allows remote code execution by non-admin users via Cross-Site Request Forgery…
CVE-2026-45672 — CVSS 8.8 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the…
CVE-2026-45315 — CVSS 8.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio transcription…
CVE-2025-64495 — CVSS 8.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. In versions 0.6.34 and below, the…
CVE-2025-65959 — CVSS 8.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Stored XSS…
CVE-2026-54011 — CVSS 8.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders…
CVE-2026-44552 — CVSS 8.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the tool_servers and…
CVE-2025-65958 — CVSS 8.5 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Server-Side Request…
CVE-2026-54008 — CVSS 8.5 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, backend/open_webui/utils/…
CVE-2026-45400 — CVSS 8.5 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, a parsing difference…
CVE-2026-45401 — CVSS 8.5 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the validate_url()…
CVE-2026-45331 — CVSS 8.5 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validate_url() in…
CVE-2024-7990 — CVSS 8.4 (high): A stored cross-site scripting (XSS) vulnerability exists in open-webui/open-webui version 0.3.8. The vulnerability is present in the…
CVE-2026-44570 — CVSS 8.3 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls…
CVE-2026-54010 — CVSS 8.3 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets an…
CVE-2024-8053 — CVSS 8.2 (high): In version v0.3.10 of open-webui/open-webui, the `api/v1/utils/pdf` endpoint lacks authentication mechanisms, allowing unauthenticated…
CVE-2026-45675 — CVSS 8.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP and OAuth…
CVE-2026-44553 — CVSS 8.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role…
CVE-2026-45665 — CVSS 8.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, a Stored Cross-Site…
CVE-2026-45402 — CVSS 8.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, multiple endpoints…
CVE-2026-45301 — CVSS 8.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.3.16, a missing permission…
CVE-2026-44565 — CVSS 8.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio…
CVE-2026-44554 — CVSS 8.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST…
CVE-2026-45671 — CVSS 8.0 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user…
CVE-2024-7959 — CVSS 7.7 (high): The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can…
CVE-2026-54018 — CVSS 7.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the…
CVE-2026-54017 — CVSS 7.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the terminal-server…
CVE-2026-45338 — CVSS 7.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-Side Request…
CVE-2026-45303 — CVSS 7.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.5, through the HTML…
CVE-2026-34222 — CVSS 7.7 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.11, there is a…
CVE-2026-54013 — CVSS 7.6 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG…
CVE-2026-44555 — CVSS 7.6 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI supports…
CVE-2024-7983 — CVSS 7.5 (high): In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted…
CVE-2024-7036 — CVSS 7.5 (high): A vulnerability in open-webui/open-webui v0.3.8 allows an unauthenticated attacker to sign up with excessively large text in the 'name'…
CVE-2024-12534 — CVSS 7.5 (high): In version v0.3.32 of open-webui/open-webui, the application allows users to submit large payloads in the email and password fields during…
CVE-2024-12537 — CVSS 7.5 (high): In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the…
CVE-2026-45398 — CVSS 7.5 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, _validate_collection_acce…
CVE-2026-44566 — CVSS 7.3 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when attaching files…
CVE-2025-64496 — CVSS 7.3 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.6.224 and prior contain a…
CVE-2026-26192 — CVSS 7.3 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.7.0, aanually…
CVE-2026-26193 — CVSS 7.3 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.44, aanually…
CVE-2026-44549 — CVSS 7.3 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, Excel file attachments…
CVE-2026-44567 — CVSS 7.3 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not…
CVE-2026-44721 — CVSS 7.3 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site…
CVE-2026-45395 — CVSS 7.2 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint…
CVE-2024-7037 — CVSS 7.2 (high): In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to…
CVE-2024-7034 — CVSS 7.2 (high): In open-webui version 0.3.8, the endpoint `/models/upload` is vulnerable to arbitrary file write due to improper handling of user-supplied…
CVE-2024-7033 — CVSS 7.2 (high): In version 0.3.8 of open-webui/open-webui, an arbitrary file write vulnerability exists in the download_model endpoint. When deployed on…
CVE-2026-44556 — CVSS 7.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint…
CVE-2026-28788 — CVSS 7.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any…
CVE-2026-45349 — CVSS 7.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use…
CVE-2026-44569 — CVSS 7.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, there's an IDOR in the…
CVE-2026-45350 — CVSS 7.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability…
CVE-2026-45399 — CVSS 7.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user…
CVE-2026-54012 — CVSS 7.1 (high): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets a user…
CVE-2024-7035 — CVSS 6.9 (medium): In version v0.3.8 of open-webui/open-webui, sensitive actions such as deleting and resetting are performed using the GET method. This…
CVE-2024-7039 — CVSS 6.7 (medium): In open-webui/open-webui version v0.3.8, there is an improper privilege management vulnerability. The application allows an attacker…
CVE-2026-45339 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI allows admins…
CVE-2026-44571 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, in standard channels…
CVE-2026-45345 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.7, a user can modify…
CVE-2026-54009 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST…
CVE-2024-7041 — CVSS 6.5 (medium): An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the…
CVE-2026-45351 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user…
CVE-2026-54007 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message…
CVE-2026-45666 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API…
CVE-2026-45667 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, GET /api/v1/memories/ef…
CVE-2026-54019 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI added…
CVE-2026-44562 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST…
CVE-2026-0767 — CVSS 6.5 (medium): Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers…
CVE-2026-44560 — CVSS 6.5 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the type: "file"…
CVE-2026-54015 — CVSS 6.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI's prompt…
CVE-2024-30256 — CVSS 6.4 (medium): Open WebUI is a user-friendly WebUI for LLMs. Open-webui is vulnerable to authenticated blind server-side request forgery. This…
CVE-2026-54021 — CVSS 6.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct…
CVE-2026-45314 — CVSS 6.1 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the channel webhook…
CVE-2024-6706 — CVSS 6.1 (medium): Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page.
CVE-2026-44564 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:document:update…
CVE-2024-7048 — CVSS 5.4 (medium): In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API endpoints GET /api/v1/documents/ and POST…
CVE-2024-7049 — CVSS 5.4 (medium): In version v0.3.8 of open-webui/open-webui, a vulnerability exists where a token is returned when a user with a pending role logs in. This…
CVE-2025-46571 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.6, low privileged…
CVE-2025-46719 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.6, a vulnerability…
CVE-2026-29070 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an access…
CVE-2026-44558 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does…
CVE-2026-44561 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the…
CVE-2026-44563 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /api/generate…
CVE-2026-45299 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, the profile_image_url…
CVE-2026-45318 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, his advisory tracks a…
CVE-2026-45346 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.31, there is a Cross-Site…
CVE-2026-45365 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only…
CVE-2026-45396 — CVSS 5.4 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the POST…
CVE-2026-45397 — CVSS 5.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, GET /api/v1/retrieval/…
CVE-2026-54022 — CVSS 5.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the ydoc:document:join…
CVE-2026-44550 — CVSS 5.0 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, FolderForm uses…
CVE-2024-7040 — CVSS 4.9 (medium): In version v0.3.8 of open-webui/open-webui, there is an improper access control vulnerability. On the frontend admin page, administrators…
CVE-2026-44568 — CVSS 4.8 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the…
CVE-2026-45317 — CVSS 4.6 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, an application-wide…
CVE-2026-44559 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the GET…
CVE-2026-44557 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the…
CVE-2026-34225 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.7.2 and below contain a Blind…
CVE-2026-45387 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, when setting model…
CVE-2026-45385 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, an IDOR vulnerability…
CVE-2026-45347 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.11, there is a blind server…
CVE-2026-54006 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST…
CVE-2024-7046 — CVSS 4.3 (medium): An improper access control vulnerability in open-webui/open-webui v0.3.8 allows an attacker to view admin details. The application does not…
CVE-2024-7045 — CVSS 4.3 (medium): In version v0.3.8 of open-webui/open-webui, improper access control vulnerabilities allow an attacker to view any prompts. The application…
CVE-2026-45386 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, Pin/Unpin is a write…
CVE-2026-28786 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized…
CVE-2026-54014 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, a path traversal…
CVE-2025-63681 — CVSS 4.3 (medium): open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API /api/tasks/stop/ directly accesses and cancels tasks without…
CVE-2026-54016 — CVSS 4.3 (medium): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken…
CVE-2026-45316 — CVSS 3.5 (low): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the POST…
CVE-2026-29071 — CVSS 3.1 (low): Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any…
CVE-2024-7038 — CVSS 2.7 (low): An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update…