pypi
4,707 tracked vulnerabilities.
Latest entries (25 shown, all Open WebUI, all published May 15, 2026):

CVE | Severity | CVSS | EPSS | Title
--- | --- | --- | --- | ---
CVE-2026-45402 | HIGH | 8.1 | 0.00 | Open WebUI: Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledge-Base Attach Endpoints
CVE-2026-45401 | HIGH | 8.5 | 0.00 | Open WebUI: SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints
CVE-2026-45400 | HIGH | 8.5 | 0.00 | Open WebUI: Server-Side Request Forgery (SSRF) bypass in `validate_url`
CVE-2026-45398 | HIGH | 7.5 | 0.00 | Open WebUI: IDOR - Retrieval API Bypasses Knowledge Base Access Controls
CVE-2026-45397 | MEDIUM | 5.3 | 0.00 | Open WebUI: Unauthenticated RAG Configuration Disclosure
CVE-2026-45396 | MEDIUM | 5.4 | 0.00 | Open WebUI: Mass Assignment via FeedbackForm extra=allow Allows Feedback User ID Spoofing and Evaluation Data Manipulation
CVE-2026-45387 | MEDIUM | 4.3 | 0.00 | Open WebUI: Sharing models for others to use (read permission) also exposes model details (system prompt leakage)
CVE-2026-45386 | MEDIUM | 4.3 | 0.00 | Open WebUI: An IDOR vulnerability exists in the pin_channel_message API endpoint
CVE-2026-45385 | MEDIUM | 4.3 | 0.00 | Open WebUI: An IDOR vulnerability exists in the update_message_by_id API endpoint
CVE-2026-44721 | HIGH | 7.3 | 0.00 | Open WebUI: Stored XSS via Model Description
CVE-2026-45675 | HIGH | 8.1 | 0.00 | Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts
CVE-2026-45671 | HIGH | 8.0 | 0.00 | Open WebUI: shared-chat branch ignores access_type, allowing unauthorized file deletion
CVE-2026-45399 | HIGH | 7.1 | 0.00 | Open WebUI: Low-privilege authenticated users can enumerate and stop global background tasks, causing system-wide chat disruption
CVE-2026-45349 | HIGH | 7.1 | 0.00 | Open WebUI: Broken Access Control for Completions API
CVE-2026-45339 | MEDIUM | 6.5 | 0.00 | Open WebUI: API key endpoint restrictions bypassed via `x-api-key` header; full message processing on restricted endpoints
CVE-2026-45331 | HIGH | 8.5 | 0.00 | Open WebUI: Full SSRF Vulnerability in the RAG Web Search Feature
CVE-2026-44568 | MEDIUM | 4.8 | 0.00 | Open WebUI: Stored XSS in Pending User Overlay via Incorrect DOMPurify Application Order
CVE-2026-44564 | MEDIUM | 5.4 | 0.00 | Open WebUI: Read-Only Users Can Modify Collaborative Documents via Socket.IO
CVE-2026-44563 | MEDIUM | 5.4 | 0.00 | Open WebUI: Ollama Model Access Control Bypass via /api/generate, /api/embed, /api/embeddings, and /api/show
CVE-2026-44562 | MEDIUM | 6.5 | 0.00 | Open WebUI: Model Import Overwrites Any Model Without Ownership Check
CVE-2026-44561 | MEDIUM | 5.4 | 0.00 | Open WebUI: Deactivated Channel Members Retain Full Access to Group/DM Channels
CVE-2026-44560 | MEDIUM | 6.5 | 0.00 | Open WebUI: Unauthorized File and Knowledge Base Content Access via RAG Vector Search
CVE-2026-44559 | MEDIUM | 4.3 | 0.00 | Open WebUI: Missing Access Check on Channel Members Endpoint for Standard Channels
CVE-2026-44558 | MEDIUM | 5.4 | 0.00 | Open WebUI: Channel Access Grants Bypass filter_allowed_access_grants
CVE-2026-44557 | MEDIUM | 4.3 | 0.00 | Open WebUI: Global Knowledge Base Enumeration via knowledge-bases Meta-Collection
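Three of the entries above are SSRF filter bypasses (CVE-2026-45400 in `validate_url`, CVE-2026-45401 via HTTP redirect following, CVE-2026-45331 in RAG web search). The title of CVE-2026-45401 names the recurring pattern: the destination is checked once, and the HTTP client then follows a redirect to an address that would have failed the check. The module below is an added example, not Open WebUI's code or its fix. It shows a URL validator that resolves the host and refuses any non-public answer, and a fetcher that re-runs that validator on every redirect hop. DNS and HTTP are injected so it runs offline; `public.example`, `attacker.example`, `rebind.example`, their addresses and the redirect chain are constructed sample data.

```python
"""Added example, not Open WebUI's code: validate every hop of a redirect chain."""
import ipaddress
import socket
from typing import Callable, Dict, Iterable, Optional, Tuple
from urllib.parse import urljoin, urlsplit

MAX_REDIRECTS = 5
ALLOWED_SCHEMES = {"http", "https"}
Response = Tuple[int, Optional[str], bytes]  # (status, Location header, body)
Resolver = Callable[[str], Iterable[str]]

class SSRFError(ValueError):
    """A URL, or a redirect target, points somewhere disallowed."""

def resolve_with_system_dns(host: str) -> Iterable[str]:
    """Default resolver: every address the system returns for host."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def is_public_address(ip_text: str) -> bool:
    """Globally routable unicast only; IPv4-mapped IPv6 is unwrapped (::ffff:127.0.0.1)."""
    ip = ipaddress.ip_address(ip_text)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_global already rejects loopback, RFC 1918, link-local (169.254.169.254), ULA, 0.0.0.0
    return ip.is_global and not ip.is_multicast

def validate_url(url: str, resolver: Resolver = resolve_with_system_dns) -> str:
    """Return url if scheme, authority and *all* resolved addresses pass."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise SSRFError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise SSRFError("userinfo in URL is not allowed")
    host = parts.hostname
    if not host:
        raise SSRFError("missing host")
    try:
        ipaddress.ip_address(host)  # literal address: nothing to resolve
        addresses = [host]
    except ValueError:
        try:
            addresses = list(resolver(host))
        except socket.gaierror as exc:
            raise SSRFError(f"cannot resolve {host!r}") from exc
    for addr in addresses:  # one non-public answer is enough to refuse
        if not is_public_address(addr):
            raise SSRFError(f"{host!r} resolves to non-public {addr}")
    return url

def fetch_checked(url: str, transport: Callable[[str], Response],
                  resolver: Resolver = resolve_with_system_dns) -> bytes:
    """transport must NOT follow redirects itself; each Location target is re-validated."""
    current = url
    for _ in range(MAX_REDIRECTS + 1):
        validate_url(current, resolver)
        status, location, body = transport(current)
        if status in (301, 302, 303, 307, 308):
            if not location:
                raise SSRFError("redirect without Location header")
            current = urljoin(current, location)  # relative Location is resolved here
            continue
        return body
    raise SSRFError("too many redirects")

# Constructed offline stand-ins for DNS and HTTP (example data, not real hosts).
FAKE_DNS: Dict[str, list] = {
    "public.example": ["1.2.3.4"],
    "attacker.example": ["5.6.7.8"],
    "rebind.example": ["5.6.7.8", "10.0.0.5"],  # mixed public/private answers
}
FAKE_SERVER: Dict[str, Response] = {
    "http://public.example/doc": (200, None, b"hello"),
    # the bypass pattern: a public host that 302s to the cloud metadata service
    "http://attacker.example/go": (302, "http://169.254.169.254/latest/meta-data/", b""),
    "http://169.254.169.254/latest/meta-data/": (200, None, b"SECRET"),
}

def fake_resolver(host: str) -> Iterable[str]:
    if host not in FAKE_DNS:
        raise socket.gaierror(f"unknown host {host}")
    return FAKE_DNS[host]

fake_transport = lambda url: FAKE_SERVER.get(url, (404, None, b""))  # noqa: E731

def demo() -> Dict[str, Tuple[str, object]]:
    """Run the constructed scenarios: ("blocked", reason) or ("allowed", body)."""
    cases = {
        "direct_loopback": "http://127.0.0.1:8080/",
        "ipv6_mapped_loopback": "http://[::ffff:127.0.0.1]/",
        "split_resolution": "http://rebind.example/",
        "redirect_to_metadata": "http://attacker.example/go",
        "public_ok": "http://public.example/doc",
    }
    results: Dict[str, Tuple[str, object]] = {}
    for name, url in cases.items():
        try:
            results[name] = ("allowed", fetch_checked(url, fake_transport, fake_resolver))
        except SSRFError as exc:
            results[name] = ("blocked", str(exc))
    return results
```

The important design choice is that `fetch_checked` owns redirect handling: a client configured to follow redirects internally (the default in most HTTP libraries) would skip the per-hop check, so the transport is required to return 3xx responses unmodified. Re-validating also covers a `Location` that is relative, since `urljoin` resolves it against the hop just validated. The `rebind.example` case shows why every resolved address, not just the first, must pass.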
Products (tracked vulnerabilities per package)
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 111
Plone 96
open-webui 86
mlflow 70
apache-superset 67
salt 67
ansible 66
pillow 52
nova 48
gradio 46
rdiffweb 43
matrix-synapse 42
pyload-ng 41
vyper 39
vllm 38
keystone 36
moin 35
aiohttp 33
opencv-contrib-python 30
opencv-python 30
PraisonAI 27
pgadmin4 26
pypdf 24
glance 22
langflow 22
ethyca-fides 21