CVE-2026-45396

5.4 MEDIUM

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline

Published: 2026-05-15 · Last updated: 2026-05-19

Severity and scoring

CVSS: 5.4 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CWE: CWE-915

Affected products

Vendor	Product
openwebui	open_webui

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the POST /api/v1/evaluations/feedback endpoint in Open WebUI v0.9.2 is vulnerable to mass assignment via FeedbackForm, which uses model_config = ConfigDict(extra='allow'). Due to an insecure dictionary merge order in insert_new_feedback(), an authenticated attacker can inject a user_id field in the request body that overwrites the server-derived value, creating feedback records attributed to any arbitrary user. This corrupts the model evaluation leaderboard (Elo ratings) and enables identity spoofing. This vulnerability is fixed in 0.9.5.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-45396
[Vendor advisory]https://github.com/open-webui/open-webui/security/advisories/GHSA-rjmp-vjf2-qf4g
[Vendor advisory]https://github.com/open-webui/open-webui/security/advisories/GHSA-rjmp-vjf2-qf4g

Related CVEs

Same vendor

CVE-2026-45667 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline (6.5 MEDIUM)
CVE-2026-45666 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline (6.5 MEDIUM)
CVE-2026-45665 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline (8.1 HIGH)
CVE-2026-45365 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline (5.4 MEDIUM)
CVE-2026-45351 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline (6.5 MEDIUM)

Same CWE

CVE-2026-46517 — LMDeploy is a toolkit for compressing, deploying, and serving large language models (7.8 HIGH)
CVE-2026-46480 — Flowise is a drag & drop user interface to build a customized large language model flow (8.8 HIGH)
CVE-2026-46479 — Flowise is a drag & drop user interface to build a customized large language model flow (8.8 HIGH)
CVE-2026-46478 — Flowise is a drag & drop user interface to build a customized large language model flow (8.8 HIGH)
CVE-2026-46477 — Flowise is a drag & drop user interface to build a customized large language model flow (8.8 HIGH)