pypi

4,979 tracked vulnerabilities.

CVE-2026-45349 HIGH
Open WebUI: Broken Access Control for Completions API
May 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-45339 MEDIUM
Open WebUI: API key endpoint restrictions bypassed via `x-api-key` header — full message processing on restricted endpoints
May 15, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-45331 HIGH
Open WebUI: Full SSRF Vulnerability in the RAG Web Search Feature
May 15, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-44568 MEDIUM
Open WebUI: Stored XSS in Pending User Overlay via Incorrect DOMPurify Application Order
May 15, 2026
CVSS 4.8
EPSS 0.00
CVE-2026-44564 MEDIUM
Open WebUI: Read-Only Users Can Modify Collaborative Documents via Socket.IO
May 15, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-44563 MEDIUM
Open WebUI: Ollama Model Access Control Bypass via /api/generate, /api/embed, /api/embeddings, and /api/show
May 15, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-44562 MEDIUM
Open WebUI: Model Import Overwrites Any Model Without Ownership Check
May 15, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-44561 MEDIUM
Open WebUI: Deactivated Channel Members Retain Full Access to Group/DM Channels
May 15, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-44560 MEDIUM
Open WebUI: Unauthorized File and Knowledge Base Content Access via RAG Vector Search
May 15, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-44559 MEDIUM
Open WebUI: Missing Access Check on Channel Members Endpoint for Standard Channels
May 15, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-44558 MEDIUM
Open WebUI: Channel Access Grants Bypass filter_allowed_access_grants
May 15, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-44557 MEDIUM
Open WebUI: Global Knowledge Base Enumeration via knowledge-bases Meta-Collection
May 15, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-44556 HIGH
Open WebUI: responses passthrough endpoint lacks access control authorization
May 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-44555 HIGH
Open WebUI: Base Model Routing Bypasses Access Control via Model Chaining
May 15, 2026
CVSS 7.6
EPSS 0.00
CVE-2026-44554 HIGH
Open WebUI: Knowledge Base Destruction and RAG Poisoning via Unauthorized Collection Overwrite
May 15, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-44553 HIGH
Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User Note Access
May 15, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-44552 HIGH
Open WebUI: Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix Enable Cross-Instance Cache Poisoning
May 15, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-44551 CRITICAL NUCLEI
Open WebUI: LDAP Empty Password Authentication Bypass
May 15, 2026
CVSS 9.1
EPSS 0.01
CVE-2026-44550 MEDIUM
Open WebUI: Mass Assignment via Pydantic extra='allow' Allows Creating Folders in Other Users' Accounts
May 15, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-46383 MEDIUM
Microsoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`
May 15, 2026
CVSS 5.5
EPSS 0.01
CVE-2026-45539 HIGH
Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree
May 15, 2026
CVSS 7.4
EPSS 0.01
CVE-2026-44641 HIGH
Microsoft APM: plugin.json component paths escape plugin root and copy arbitrary host files during install
May 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-2652 HIGH NUCLEI
Authentication Bypass in mlflow/mlflow
May 15, 2026
CVSS 8.6
EPSS 0.02
CVE-2026-45370 HIGH
python-utcp: Full Process Environment Exposed to CLI Subprocess - Secrets Leakage via Command Injection
May 14, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-45369 HIGH
python-utcp: Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol
May 14, 2026
CVSS 8.3
EPSS 0.00