Open WebUI: Broken Access Control for Completions API_CVE-2026-45349

7.1 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key (generated in OWUI) and the Chat ID of another user to continue the conversation of the other user. This vulnerability is fixed in 0.9.0.

Basic Information

ID CVE-2026-45349

Source GitHub_M

Published May 15, 2026 at 19:20

Affected Product

Vendor open-webui

Product open-webui

Version < 0.9.0

Affected Versions open-webui open-webui < 0.9.0

CWE Classification

CWE-639

References

github.com /open-webui/open-webui/security/advisories/GHSA-gfm2-xm6c-37qc

{
    "lastseen": "",
    "description": "Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key (generated in OWUI) and the Chat ID of another user to continue the conversation of the other user. This vulnerability is fixed in 0.9.0.",
    "published": "2026-05-15T19:20:37.264Z",
    "modified": "2026-05-15T19:20:37.264Z",
    "type": "cve",
    "title": "Open WebUI: Broken Access Control for Completions API",
    "source": "GitHub_M",
    "references": "https://github.com/open-webui/open-webui/security/advisories/GHSA-gfm2-xm6c-37qc",
    "id": "CVE-2026-45349",
    "bulletinFamily": "",
    "cwe": [
        "CWE-639"
    ],
    "cvelist": null,
    "sourceData": "open-webui open-webui < 0.9.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "open-webui",
    "version": "< 0.9.0",
    "vendor": "open-webui",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}