8.3
CVE-2026-54010
- EPSS 0.24%
- Veröffentlicht 23.06.2026 16:48:22
- Zuletzt bearbeitet 25.06.2026 13:34:24
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
LoginOpen WebUI: Forged chat-file link allows cross-user file read and deletion
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets an authenticated user attach arbitrary file_id values to their own chat message without checking whether they own or can read those files. If the attacker then shares that chat and grants themselves read access, has_access_to_file() treats the victim file as accessible through the shared chat, and the file endpoints read or delete the victim file. This vulnerability is fixed in 0.9.6.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Openwebui ≫ Open Webui Version < 0.9.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.152 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 8.3 | 2.8 | 5.5 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-639 Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
https://github.com/open-webui/open-webui/security/advisories/GHSA-vrhc-3fr6-pc3c