CVE-2026-45317

EUVD-2026-30658

15.05.2026, 22:16

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, an application-wide Cross-Site Request Forgery (CSRF) vulnerability was found Open-WebUl's image uploading functionality. An attacker can set an image URL to a malicious endpoint, allowing them to perform actions on behalf of a victim user. Any authenticated user can exploit this vulnerability, and any user who views the compromised image (e.g., a profile picture) will unknowingly send a GET request to the attacker-controlled URL. This can lead to cookie theft, denial of service (DoS), or other malicious actions. This vulnerability is fixed in 0.9.3.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.6 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 6%

Affected Products (NVD)

Vendor	Product	Version
openwebui	open_webui	𝑥 < 0.9.3

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://github.com/open-webui/open-webui/security/advisories/GHSA-j6w6-986j-2m2m