Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score | Vulnerability | Published
5.4 MEDIUM
CVE-2026-44563 — Open WebUI: Ollama Model Access Control Bypass via /api/generate, /api/embed, /api/embedd…

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /api/generate, /api/embed, /api/embeddings, and /api/show endpoints accept any m…

Remote | Authorization
May 15, 2026
6.5 MEDIUM
CVE-2026-44562 — Open WebUI: Model Import Overwrites Any Model Without Ownership Check

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/models/import endpoint allows users with the workspace.models_impor…

Remote | Authorization
May 15, 2026
5.4 MEDIUM
CVE-2026-44561 — Open WebUI: Deactivated Channel Members Retain Full Access to Group/DM Channels

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the is_user_channel_member function checks whether a ChannelMember row exists but do…

Remote | Authorization
May 15, 2026
6.5 MEDIUM
CVE-2026-44560 — Open WebUI: Unauthorized File and Knowledge Base Content Access via RAG Vector Search

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the type: "file" (non-full-context), type: "text" with collection_name, and bare col…

Remote | Authorization
May 15, 2026
4.3 MEDIUM
CVE-2026-44559 — Open WebUI: Missing Access Check on Channel Members Endpoint for Standard Channels

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the GET /api/v1/channels/{id}/members endpoint only checks membership for group and …

Remote | Authorization
May 15, 2026
5.4 MEDIUM
CVE-2026-44558 — Open WebUI: Channel Access Grants Bypass filter_allowed_access_grants

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filter_allowed_access_grants on either create or up…

Remote | Authorization
May 15, 2026
4.3 MEDIUM
CVE-2026-44557 — Open WebUI: Global Knowledge Base Enumeration via knowledge-bases Meta-Collection

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the _validate_collection_access function uses an incomplete allowlist that only enfo…

Remote | Authorization
May 15, 2026
7.1 HIGH
CVE-2026-44556 — Open WebUI: responses passthrough endpoint lacks access control authorization

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forw…

Remote | Authorization
May 15, 2026
7.6 HIGH
CVE-2026-44555 — Open WebUI: Base Model Routing Bypasses Access Control via Model Chaining

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI supports model composition via base_model_id: a user-defined model (e.g.,…

Remote | Authorization
May 15, 2026
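The model-chaining entry above describes a user-defined model that reaches a restricted backend through base_model_id. The check a practitioner wants is that every hop of the chain is authorized, not just the model named in the request. The following is an added example written for this page, not Open WebUI's code: the Model records, the access rule (owner, listed user, or admin) and the catalogue are constructed assumptions.

```python
"""Authorize every hop of a base_model_id chain, not only the requested model.

Added example, not Open WebUI's code. The access rule below (owner, allowed
user, or admin) is an assumption standing in for a deployment's real policy.
"""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Model:
    id: str
    owner: str
    base_model_id: Optional[str] = None          # None => concrete backend model
    allowed_users: set = field(default_factory=set)


class AccessDenied(Exception):
    pass


class ChainError(Exception):
    pass


def can_use(model: Model, user: str, is_admin: bool = False) -> bool:
    return is_admin or model.owner == user or user in model.allowed_users


def resolve_vulnerable(models: dict, model_id: str, user: str) -> str:
    """Checks only the requested model, then follows base_model_id blindly.
    A wrapper the caller owns therefore unlocks whatever it chains to."""
    m = models[model_id]
    if not can_use(m, user):
        raise AccessDenied(model_id)
    while m.base_model_id is not None:
        m = models[m.base_model_id]
    return m.id


def resolve_hardened(models: dict, model_id: str, user: str,
                     is_admin: bool = False, max_depth: int = 16) -> str:
    """Walks the chain and authorizes each hop; also rejects cycles, dangling
    references and chains longer than max_depth."""
    seen = set()
    current = model_id
    for _ in range(max_depth):
        if current in seen:
            raise ChainError(f"cycle at {current}")
        seen.add(current)
        m = models.get(current)
        if m is None:
            raise ChainError(f"unknown model {current}")
        if not can_use(m, user, is_admin):
            raise AccessDenied(current)
        if m.base_model_id is None:
            return m.id
        current = m.base_model_id
    raise ChainError("chain too deep")


# Constructed catalogue: a private backend model, a public one, and two
# wrappers owned by "mallory", one of which chains to the private model.
MODELS = {
    "gpt-private": Model("gpt-private", owner="admin", allowed_users={"alice"}),
    "public-base": Model("public-base", owner="admin", allowed_users={"alice", "mallory"}),
    "mallory-wrapper": Model("mallory-wrapper", owner="mallory", base_model_id="gpt-private"),
    "mallory-ok": Model("mallory-ok", owner="mallory", base_model_id="public-base"),
}

if __name__ == "__main__":
    print("vulnerable resolves wrapper to:", resolve_vulnerable(MODELS, "mallory-wrapper", "mallory"))
    try:
        resolve_hardened(MODELS, "mallory-wrapper", "mallory")
    except AccessDenied as e:
        print("hardened denies at hop:", e)
    print("hardened allows legitimate chain:", resolve_hardened(MODELS, "mallory-ok", "mallory"))
```

The cycle and depth checks matter because the chain is user-editable data: two wrappers pointing at each other would otherwise spin the resolver forever.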
8.1 HIGH
CVE-2026-44554 — Open WebUI: Knowledge Base Destruction and RAG Poisoning via Unauthorized Collection Over…

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/retrieval/process/web endpoint accepts a user-supplied collection_n…

Remote | Authorization
May 15, 2026
8.1 HIGH
CVE-2026-44553 — Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User N…

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSION_POOL to discon…

Remote | Authentication
May 15, 2026
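The Socket.IO entry above is a stale-privilege problem: the role is copied into the session pool at connect time and never revisited, so a demoted or deleted admin keeps admin capabilities on any socket that is still open. As an added example (not Open WebUI's code), the following models a session pool as a dict of socket id to session record and shows the sweep that role changes and deletions need to perform; the user table and role names are constructed.

```python
"""Revoke live socket sessions when a user's role changes or the user is deleted.

Added example, not Open WebUI's code. SESSION_POOL here is a plain dict from
socket id to a Session that caches the role at connect time; the user table
is made up.
"""
from dataclasses import dataclass


@dataclass
class Session:
    sid: str
    user_id: str
    role: str          # cached at connect time; stale unless refreshed or dropped


def connect(pool: dict, users: dict, sid: str, user_id: str) -> Session:
    """A socket connects; the current role is copied into the pool entry."""
    sess = Session(sid, user_id, users[user_id])
    pool[sid] = sess
    return sess


def can_notify_other_users(pool: dict, sid: str) -> bool:
    """Authorization decision taken from the cached role only."""
    sess = pool.get(sid)
    return sess is not None and sess.role == "admin"


def change_role_vulnerable(users: dict, pool: dict, user_id: str, new_role: str) -> None:
    """Updates the user table but never touches live sessions."""
    users[user_id] = new_role


def _drop_sessions_for(pool: dict, user_id: str) -> list:
    dropped = [sid for sid, s in pool.items() if s.user_id == user_id]
    for sid in dropped:
        del pool[sid]
    return dropped


def change_role_hardened(users: dict, pool: dict, user_id: str, new_role: str) -> list:
    """Updates the user table, then walks the pool and drops every session that
    belongs to the user. Returns the socket ids so the caller can emit the
    disconnects. Re-reading the role into each entry would also work;
    disconnecting is simpler to reason about."""
    users[user_id] = new_role
    return _drop_sessions_for(pool, user_id)


def delete_user_hardened(users: dict, pool: dict, user_id: str) -> list:
    """Deletion needs the same sweep, otherwise a deleted account keeps a
    working socket until it disconnects on its own."""
    users.pop(user_id, None)
    return _drop_sessions_for(pool, user_id)


if __name__ == "__main__":
    users = {"alice": "admin", "bob": "user"}
    pool = {}
    connect(pool, users, "s1", "alice")
    change_role_vulnerable(users, pool, "alice", "user")
    print("after vulnerable demotion, s1 still admin:", can_notify_other_users(pool, "s1"))
    change_role_hardened(users, pool, "alice", "user")
    print("after hardened demotion, s1 still admin:", can_notify_other_users(pool, "s1"))
```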
8.7 HIGH
CVE-2026-44552 — Open WebUI: Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix En…

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the tool_servers and terminal_servers keys in utils/tools.py do not carry an instance prefix. When t…

Remote | Misconfiguration
May 15, 2026
9.1 CRITICAL
CVE-2026-44551 — Open WebUI: LDAP Empty Password Authentication Bypass

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP authentication endpoint does not validate that the submitted password is no…

Remote | Authentication
May 15, 2026
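The LDAP entry above is the classic unauthenticated-bind mistake: RFC 4513 section 5.1.2 defines a simple bind with a non-empty name and an empty password as an unauthenticated bind, and a server that permits it returns success without checking any credential. An application that treats "bind succeeded" as "password verified" therefore accepts any username with an empty password. The following is an added example, not Open WebUI's code; FakeDirectory is a constructed stand-in for a directory server and the DN layout and user table are made up.

```python
"""Reject empty credentials before an LDAP simple bind.

Added example, not Open WebUI's code. FakeDirectory simulates only the
bind semantics that matter here; it is not an LDAP client.
"""
from dataclasses import dataclass, field


@dataclass
class FakeDirectory:
    """Constructed stand-in for a directory server's simple-bind behaviour."""
    passwords: dict = field(default_factory=dict)  # dn -> password (made up)
    unauthenticated_bind_allowed: bool = True       # common server default

    def simple_bind(self, dn: str, password: str) -> bool:
        """Return True when the server answers the bind with success."""
        if password == "":
            # RFC 4513 section 5.1.2: name + empty password is an
            # *unauthenticated* bind. A server that allows it returns
            # success without checking any credential for `dn`.
            return self.unauthenticated_bind_allowed
        return self.passwords.get(dn) == password


def dn_for(username: str) -> str:
    # Assumed DN layout for the example.
    return f"uid={username},ou=people,dc=example,dc=org"


def login_vulnerable(directory: FakeDirectory, username: str, password: str) -> bool:
    """Treats 'bind returned success' as 'password verified'."""
    return directory.simple_bind(dn_for(username), password)


def login_hardened(directory: FakeDirectory, username: str, password: str) -> bool:
    """Refuses an empty username or password before any bind is attempted,
    so the server's unauthenticated-bind behaviour is never reachable."""
    if not username or password == "":
        return False
    return directory.simple_bind(dn_for(username), password)


if __name__ == "__main__":
    directory = FakeDirectory(passwords={dn_for("alice"): "correct horse"})
    print("vulnerable, empty password:", login_vulnerable(directory, "alice", ""))
    print("hardened, empty password:  ", login_hardened(directory, "alice", ""))
    print("hardened, real password:   ", login_hardened(directory, "alice", "correct horse"))
```

Two defence-in-depth points beyond the application check: disable unauthenticated binds on the directory server where its configuration allows, and, after a successful bind, confirm the bound identity is the expected DN (for example with the "Who am I?" extended operation of RFC 4532) rather than assuming success implies authentication.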
5.0 MEDIUM
CVE-2026-44550 — Open WebUI: Mass Assignment via Pydantic extra='allow' Allows Creating Folders in Other U…

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, FolderForm uses model_config = ConfigDict(extra='allow'), which permits arbitrary fi…

Remote | Misconfiguration
May 15, 2026
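The mass-assignment entry above turns on one setting: a form model that keeps unknown request fields, dumped straight into a database row whose owner column the client should never control. The following is an added example written for this page, not Open WebUI's code. It deliberately avoids importing pydantic so it runs stand-alone; the small Form class imitates only the extra-field policy ('allow', 'ignore', 'forbid', matching pydantic's ConfigDict(extra=...)), and the FolderForm fields and user ids are constructed.

```python
"""Mass assignment through an over-permissive form model.

Added example, not Open WebUI's code. Form imitates pydantic's extra-field
policy only; FolderForm's fields are assumed for the example.
"""


class ValidationError(ValueError):
    pass


class Form:
    """Minimal stand-in for a pydantic model. 'allow' keeps unknown keys,
    'ignore' drops them, 'forbid' rejects the request."""
    DECLARED: frozenset = frozenset()

    def __init__(self, payload: dict, extra: str = "ignore"):
        unknown = set(payload) - self.DECLARED
        if unknown and extra == "forbid":
            raise ValidationError(f"extra fields not permitted: {sorted(unknown)}")
        if extra == "allow":
            self._data = dict(payload)
        else:
            self._data = {k: v for k, v in payload.items() if k in self.DECLARED}

    def model_dump(self) -> dict:
        return dict(self._data)


class FolderForm(Form):
    DECLARED = frozenset({"name", "parent_id"})   # assumed form fields


def create_folder_vulnerable(session_user_id: str, payload: dict) -> dict:
    """extra='allow' plus a dict merge with the client dump last: a client-sent
    'user_id' silently overwrites the owner taken from the session."""
    form = FolderForm(payload, extra="allow")
    return {"user_id": session_user_id, **form.model_dump()}


def create_folder_hardened(session_user_id: str, payload: dict) -> dict:
    """extra='forbid' turns the tampering attempt into a validation error, and
    the server-controlled owner is applied after the dump, so even an 'ignore'
    policy could not let the client set it."""
    form = FolderForm(payload, extra="forbid")
    return {**form.model_dump(), "user_id": session_user_id}


if __name__ == "__main__":
    attack = {"name": "notes", "user_id": "victim"}      # constructed request body
    print("vulnerable row:", create_folder_vulnerable("mallory", attack))
    try:
        create_folder_hardened("mallory", attack)
    except ValidationError as e:
        print("hardened rejects:", e)
```

Both halves of the fix matter: ordering the server-set field last protects the owner column even if the policy stays permissive, while 'forbid' makes the attempt visible in logs instead of silently discarding it.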
0.0 NA
CVE-2025-67031 — ORSEE Remote Code Execution Vulnerability

ORSEE (Online Recruitment System for Economic Experiments) 3.1.0 contains an authenticated Remote Code Execution vulnerability in the participant profile field processing subsystem. Certain field con…

Injection
May 15, 2026
0.0 NA
CVE-2026-44721 — Open WebUI: Stored XSS via Model Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting (XSS) vulnerability allows any authenticated user…

Cross-Site Scripting
May 15, 2026
8.7 HIGH
CVE-2026-8686 — DoS from MQTT v5.0 Deserialization Fault in core MQTT

Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet. To remediate this issue, users s…

Remote | Denial of Service
May 15, 2026
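The coreMQTT entry above is a missing bounds check in the MQTT v5 property parser. coreMQTT is C; the following is a Python model of the same parsing task, added here as an example and not taken from coreMQTT, written to show where the length checks belong. Every read is validated against the end of the properties field (not merely the end of the packet), so a packet that claims more than it carries raises MalformedPacket instead of reading past the buffer, which in C is the out-of-bounds read behind this class of DoS. The property identifier table follows the MQTT 5.0 specification (section 2.2.2.2); the sample packets are constructed by hand.

```python
"""Bounds-checked parser for the MQTT v5 properties field.

Added example, not coreMQTT code. Sample packets below are hand-built.
"""


class MalformedPacket(ValueError):
    pass


# Wire types, and MQTT 5.0 property identifier -> wire type (spec 2.2.2.2).
BYTE, TWO, FOUR, VARINT, STRING, BINARY, STRPAIR = range(7)
PROPERTY_TYPES = {
    0x01: BYTE, 0x02: FOUR, 0x03: STRING, 0x08: STRING, 0x09: BINARY,
    0x0B: VARINT, 0x11: FOUR, 0x12: STRING, 0x13: TWO, 0x15: STRING,
    0x16: BINARY, 0x17: BYTE, 0x18: FOUR, 0x19: BYTE, 0x1A: STRING,
    0x1C: STRING, 0x1F: STRING, 0x21: TWO, 0x22: TWO, 0x23: TWO,
    0x24: BYTE, 0x25: BYTE, 0x26: STRPAIR, 0x27: FOUR, 0x28: BYTE,
    0x29: BYTE, 0x2A: BYTE,
}


def _need(pos: int, n: int, end: int) -> None:
    """The one check everything else relies on: n more bytes before `end`."""
    if n < 0 or pos + n > end:
        raise MalformedPacket(f"need {n} bytes at offset {pos}, only {end - pos} left")


def decode_varint(buf: bytes, pos: int, end: int):
    value, mult = 0, 1
    for _ in range(4):                      # spec: at most four bytes
        _need(pos, 1, end)
        b = buf[pos]
        pos += 1
        value += (b & 0x7F) * mult
        if not (b & 0x80):
            return value, pos
        mult *= 128
    raise MalformedPacket("variable byte integer longer than 4 bytes")


def decode_fixed(buf: bytes, pos: int, n: int, end: int):
    _need(pos, n, end)
    return int.from_bytes(buf[pos:pos + n], "big"), pos + n


def decode_binary(buf: bytes, pos: int, end: int):
    length, pos = decode_fixed(buf, pos, 2, end)
    _need(pos, length, end)                 # declared length vs. field end
    return bytes(buf[pos:pos + length]), pos + length


def decode_string(buf: bytes, pos: int, end: int):
    raw, pos = decode_binary(buf, pos, end)
    try:
        return raw.decode("utf-8"), pos
    except UnicodeDecodeError as e:
        raise MalformedPacket("invalid UTF-8 in string property") from e


def parse_properties(buf: bytes, pos: int = 0):
    """Parse a properties field starting at `pos`. Returns (props, next_pos)."""
    length, pos = decode_varint(buf, pos, len(buf))
    end = pos + length
    if end > len(buf):
        raise MalformedPacket("property length exceeds remaining packet")
    props = []
    while pos < end:
        prop_id, pos = decode_varint(buf, pos, end)
        kind = PROPERTY_TYPES.get(prop_id)
        if kind is None:
            raise MalformedPacket(f"unknown property id 0x{prop_id:02x}")
        if kind == BYTE:
            value, pos = decode_fixed(buf, pos, 1, end)
        elif kind == TWO:
            value, pos = decode_fixed(buf, pos, 2, end)
        elif kind == FOUR:
            value, pos = decode_fixed(buf, pos, 4, end)
        elif kind == VARINT:
            value, pos = decode_varint(buf, pos, end)
        elif kind == STRING:
            value, pos = decode_string(buf, pos, end)
        elif kind == BINARY:
            value, pos = decode_binary(buf, pos, end)
        else:                               # STRPAIR (User Property)
            k, pos = decode_string(buf, pos, end)
            v, pos = decode_string(buf, pos, end)
            value = (k, v)
        props.append((prop_id, value))
    return props, end


# Constructed samples. GOOD: Message Expiry 60s, User Property a=b, Content Type.
GOOD = (b"\x19"
        b"\x02\x00\x00\x00\x3c"
        b"\x26\x00\x01a\x00\x01b"
        b"\x03\x00\x0atext/plain")
BAD_LENGTH = b"\x7f\x02\x00\x00\x00\x3c"          # field claims 127 bytes, has 5
BAD_STRING = b"\x04\x03\xff\xff\x00"              # string claims 65535 bytes
BAD_OVERRUN = b"\x04\x03\x00\x05ab" + b"cdefgh"   # string runs past field end into next field
```

The BAD_OVERRUN case is the subtle one: the packet as a whole has enough bytes to satisfy the string length, but the properties field does not, so checking against the packet end alone would let the parser walk into the payload.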
4.3 MEDIUM
CVE-2026-4054 — SVG content served through Mattermost image proxy despite Content-Type restrictions cause…

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to validate the response body of proxied images, which allows a remote attacker to cause a client-side DoS via an SVG fi…

Remote | Denial of Service
May 15, 2026
3.1 LOW
CVE-2026-4053 — post edit time limit is not enforced on some post update operations

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce the PostEditTimeLimit on non-message post fields which allows an authenticated user to modify post file attachments, props, a…

Remote | Authorization
May 15, 2026
7.6 HIGH
CVE-2026-46408 — Vvveb: checkout IDOR allows unauthorized reuse of another user's cart

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the checkout endpoint accepts a user-controlled cart_id and uses it to enter …

Remote | Authorization
May 15, 2026
Showing 20 of 6317 Results