CVE-2026-29070

MEDIUM

Open WebUI has unauthorized deletion of knowledge files

Title source: cna

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an access control check is missing when deleting a file from a knowledge base. The only check being done is that the user has write access to the knowledge base (or is admin), but NOT that the file actually belongs to this knowledge base. It is thus possible to delete arbitrary files from arbitrary knowledge bases (as long as one knows the file id). Version 0.8.6 patches the issue.

References (1)

Core 1

Core References

X_Refsource_Confirm x_refsource_confirm

https://github.com/open-webui/open-webui/security/advisories/GHSA-26gm-93rw-cchf

Scores

CVSS v3 5.4

EPSS 0.0004

EPSS Percentile 13.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-862

Status published

Products (3)

open-webui/open-webui < 0.8.6

openwebui/open_webui < 0.8.6

pypi/open-webui 0 - 0.8.6PyPI

Published Mar 27, 2026

Tracked Since Mar 27, 2026