CVE-2026-28788

Exploit

EPSS 0.04%
Veröffentlicht 26.03.2026 23:38:20
Zuletzt bearbeitet 01.04.2026 16:12:25
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can overwrite any file's content by ID through the `POST /api/v1/retrieval/process/files/batch` endpoint. The endpoint performs no ownership check, so a regular user with read access to a shared knowledge base can obtain file UUIDs via `GET /api/v1/knowledge/{id}/files` and then overwrite those files, escalating from read to write. The overwritten content is served to the LLM via RAG, meaning the attacker controls what the model tells other users. Version 0.8.6 patches the issue.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Openwebui ≫ Open Webui Version < 0.8.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.129

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	7.1	2.8	4.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

CWE-639 Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

https://github.com/open-webui/open-webui/security/advisories/GHSA-jjp7-g2jw-wh3j

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2026-28788

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-28788

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-28788

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-28788