CVE-2026-44565

HIGH

Open WebUI: Open WebUI Arbitrary File Write, Delete via Path Traversal

Title source: cna

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with names containing dot-segments in the file path and traverse out of the intended uploads directory. Effectively, users can upload files anywhere on the filesystem the user running the web server has permission. This vulnerability is fixed in 0.6.10.

References (1)

Core 1

Core References

X_Refsource_Confirm x_refsource_confirm

https://github.com/open-webui/open-webui/security/advisories/GHSA-j3fw-wc48-29g3

Scores

CVSS v3 8.1

EPSS 0.0002

EPSS Percentile 6.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (3)

open-webui/open-webui < 0.6.10

openwebui/open_webui < 0.6.10

pypi/open-webui 0 - 0.6.10PyPI

Published May 15, 2026

Tracked Since May 16, 2026