Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

47 advisories

Loading
Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter Moderate
CVE-2026-54021 was published for open-webui (pip) Jun 17, 2026
brodmart Credited to brodmart and Classic298 Classic298 Classic298
Open WebUI: RAG ACL Bypass in Milvus Multitenancy Mode Moderate
CVE-2026-54019 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n and Classic298 Classic298 Classic298
Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects High
CVE-2026-54018 was published for open-webui (pip) Jun 17, 2026
POV9en Credited to POV9en and Classic298 Classic298 Classic298
Open WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversal High
CVE-2026-54017 was published for open-webui (pip) Jun 17, 2026
Tulgaaaaaaaa Credited to Tulgaaaaaaaa, sermikr0, and Classic298 sermikr0 sermikr0
Classic298 Classic298
Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File Enumeration Moderate
CVE-2026-54016 was published for open-webui (pip) Jun 17, 2026
Hwwg Credited to Hwwg and Classic298 Classic298 Classic298
Open WebUI Prompt history IDOR: unbound history_id allows cross-prompt read and deletion Moderate
CVE-2026-54015 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n, Classic298, and 5yu4n Classic298 Classic298
5yu4n 5yu4n
Open WebUI: Sibling-Prefix Path Traversal via /cache/{path} Moderate
CVE-2026-54014 was published for open-webui (pip) Jun 17, 2026
AAtomical Credited to AAtomical and Classic298 Classic298 Classic298
Open WebUI: Stored XSS to Account Takeover via Model Profile Images High
CVE-2026-54013 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n and Classic298 Classic298 Classic298
Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion High
CVE-2026-54012 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n, 5yu4n, and Classic298 5yu4n 5yu4n
Classic298 Classic298
Open WebUI: Stored XSS in Mermaid Markdown Preview High
CVE-2026-54011 was published for open-webui (pip) Jun 17, 2026
ixSly Credited to ixSly and Classic298 Classic298 Classic298
Open WebUI: Forged chat-file link allows cross-user file read and deletion High
CVE-2026-54010 was published for open-webui (pip) Jun 17, 2026
0xEr3n Credited to 0xEr3n, 5yu4n, Classic298, and oxsignal 5yu4n 5yu4n
Classic298 Classic298 oxsignal oxsignal
Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field Moderate
CVE-2026-54009 was published for open-webui (pip) Jun 17, 2026
bl4ckr0ss3 Credited to bl4ckr0ss3 and Classic298 Classic298 Classic298
Open WebUI: Redirect-Bypass SSRF in OAuth `_process_picture_url` (incomplete-fix sibling of CVE-2026-45401) High
CVE-2026-54008 was published for open-webui (pip) Jun 17, 2026
matte1782 Credited to matte1782 and Classic298 Classic298 Classic298
Open WebUI: Cross-origin postMessage confirmation bypass via action:submit High
CVE-2026-54007 was published for open-webui (pip) Jun 17, 2026
Aikido-Security Credited to Aikido-Security, JorianWoltjer, grumpinout1, and Classic298 JorianWoltjer JorianWoltjer
grumpinout1 grumpinout1 Classic298 Classic298
Open WebUI IDOR: Calendar event re-parenting allows writing events into another user's calendar Moderate
CVE-2026-54006 was published for open-webui (pip) Jun 17, 2026
nayakchinmohan Credited to nayakchinmohan and Classic298 Classic298 Classic298
Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts High
CVE-2026-45675 was published for open-webui (pip) May 14, 2026
sfwani Credited to sfwani and Classic298 Classic298 Classic298
Open WebUI: Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledge-Base Attach Endpoints High
CVE-2026-45402 was published for open-webui (pip) May 14, 2026
MrBeard-FT Credited to MrBeard-FT and Classic298 Classic298 Classic298
Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not addressed by CVE-2025-65958) High
CVE-2026-45401 was published for open-webui (pip) May 14, 2026
tenbbughunters Credited to tenbbughunters, YLChen-007, tempcollab, sneaXOR, Classic298, and nayakchinmohan YLChen-007 YLChen-007
tempcollab tempcollab sneaXOR sneaXOR Classic298 Classic298 nayakchinmohan nayakchinmohan
Open WebUI has a Server-Side Request Forgery (SSRF) bypass in `validate_url` High
CVE-2026-45400 was published for open-webui (pip) May 14, 2026
Fushuling Credited to Fushuling, RacerZ-fighting, and Classic298 RacerZ-fighting RacerZ-fighting
Classic298 Classic298
Open WebUI has an IDOR vulnerability in the pin_channel_message API endpoint Moderate
CVE-2026-45386 was published for open-webui (pip) May 14, 2026
kikayli Credited to kikayli and Classic298 Classic298 Classic298
Open WebUI has an IDOR vulnerability in the update_message_by_id API endpoint Moderate
CVE-2026-45385 was published for open-webui (pip) May 14, 2026
kikayli Credited to kikayli and Classic298 Classic298 Classic298
Open WebUI's API key endpoint restrictions bypassed via `x-api-key` header — full message processing on restricted endpoints Moderate
CVE-2026-45339 was published for open-webu (pip) May 14, 2026
aliceQWAS Credited to aliceQWAS and Classic298 Classic298 Classic298
Open WebUI has a full SSRF Vulnerability in the RAG Web Search Feature High
CVE-2026-45331 was published for open-webui (pip) May 14, 2026
dkonis Credited to dkonis, wlayzz, and Classic298 wlayzz wlayzz
Classic298 Classic298
Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF) via Image URL Manipulation Moderate
CVE-2026-45317 was published for open-webui (pip) May 14, 2026
bray-sec Credited to bray-sec and Classic298 Classic298 Classic298
Open WebUI: Read-Only Users Can Toggle Note Pin Status via Incorrect Permission Check (Write via Read-Only Access) Low
CVE-2026-45316 was published for open-webui (pip) May 14, 2026
qi-scape Credited to qi-scape and Classic298 Classic298 Classic298
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database