HIGHCVE-2026-44721Published 2026-05-15Modified 2026-05-19CNA GitHub_M

CVE-2026-44721: Open WebUI: Stored XSS via Model Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting (XSS) vulnerability that allows any authenticated user with model creation permission (workspace.models) to execute arbitrary JavaScript in the browser of any other user (including admins) who views the malicious model in the chat UI. This vulnerability is fixed in 0.9.0.

CVSS v3.1: 7.3
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

open-webui / open-webui
< 0.9.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

References

https://github.com/open-webui/open-webui/security/advisories/GHSA-gf5m-wcrh-7928

Metrics