HIGHCVE-2026-45349Published 2026-05-15Modified 2026-05-19CNA GitHub_M

CVE-2026-45349: Open WebUI: Broken Access Control for Completions API

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key (generated in OWUI) and the Chat ID of another user to continue the conversation of the other user. This vulnerability is fixed in 0.9.0.

CVSS v3.1: 7.1
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

open-webui / open-webui
< 0.9.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

References

https://github.com/open-webui/open-webui/security/advisories/GHSA-gfm2-xm6c-37qc

Metrics