GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
30,628 advisories
Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not addressed by CVE-2025-65958)
High · CVE-2026-45401 was published for open-webui (pip) · May 14, 2026
Open WebUI has a Server-Side Request Forgery (SSRF) bypass in `validate_url`
High · CVE-2026-45400 was published for open-webui (pip) · May 14, 2026
Open WebUI: Low-privilege authenticated users can enumerate and stop global background tasks, causing system-wide chat disruption
High · CVE-2026-45399 was published for open-webui (pip) · May 14, 2026
Open WebUI Vulnerable to IDOR: Retrieval API Bypasses Knowledge Base Access Controls
High · CVE-2026-45398 was published for open-webui (pip) · May 14, 2026
Open WebUI Vulnerable to Unauthenticated RAG Configuration Disclosure
Moderate · CVE-2026-45397 was published for open-webui (pip) · May 14, 2026
Open WebUI: Mass Assignment via FeedbackForm extra=allow Allows Feedback User ID Spoofing and Evaluation Data Manipulation
Moderate · CVE-2026-45396 was published for open-webui (pip) · May 14, 2026
Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
High · CVE-2026-45395 was published for open-webui (npm) · May 14, 2026
Open WebUI: Sharing models for others to use (read permission) also exposes model details (system prompt leakage)
Moderate · CVE-2026-45387 was published for open-webui (pip) · May 14, 2026
Open WebUI has an IDOR vulnerability in the pin_channel_message API endpoint
Moderate · CVE-2026-45386 was published for open-webui (pip) · May 14, 2026
Open WebUI has an IDOR vulnerability in the update_message_by_id API endpoint
Moderate · CVE-2026-45385 was published for open-webui (pip) · May 14, 2026
Open WebUI: Authenticated users can bypass model access control via exposed query parameter [AI-ASSISTED]
Moderate · CVE-2026-45365 was published for open-webui (pip) · May 14, 2026
Open WebUI Exposes System Prompt to Regular User [Non-Admin]
Moderate · CVE-2026-45351 was published for open-webui (pip) · May 14, 2026
Open WebUI's chat completion API allows tool restrictions to be bypassed
High · CVE-2026-45350 was published for open-webui (pip) · May 14, 2026
Open WebUI has Broken Access Control for Completions API
High · CVE-2026-45349 was published for open-webui (pip) · May 14, 2026
pyLoad is vulnerable to stored XSS in Downloads view via unsanitized link URL in packages.js template literal
High · CVE-2026-45348 was published for pyload-ng (pip) · May 14, 2026
Svelte devalue: DoS via sparse array deserialization
High · CVE-2026-42570 was published for devalue (npm) · May 14, 2026
Open WebUI vulnerable to blind server side request forgery (SSRF) via the PDF generate function
Moderate · CVE-2026-45347 was published for open-webui (pip) · May 14, 2026
Open WebUI Has Stored Cross-Site Scripting in SVG Renderer
Moderate · CVE-2026-45346 was published for open-webui (npm) · May 14, 2026
Open WebUI missing authorization check at the model update function - models from other users can be updated
Moderate · CVE-2026-45345 was published for open-webui (pip) · May 14, 2026
Open WebUI's API key endpoint restrictions bypassed via `x-api-key` header — full message processing on restricted endpoints
Moderate · CVE-2026-45339 was published for open-webu (pip) · May 14, 2026
Open WebUI Vulnerable to SSRF via OAuth Profile Picture URL in _process_picture_url (oauth.py)
High · CVE-2026-45338 was published for open-webui (pip) · May 14, 2026
Svelte SSR vulnerable to cross-site scripting via spread attributes
Moderate · CVE-2026-42599 was published for svelte (npm) · May 14, 2026
Open WebUI has a full SSRF Vulnerability in the RAG Web Search Feature
High · CVE-2026-45331 was published for open-webui (pip) · May 14, 2026
Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF) via Image URL Manipulation
Moderate · CVE-2026-45317 was published for open-webui (pip) · May 14, 2026
Open WebUI has stored XSS via unsanitized Office/Excel/DOCX file preview rendering ({@html} without DOMPurify)
Moderate · CVE-2026-45318 was published for open-webui (pip) · May 14, 2026
ProTip! Advisories are also available from the GraphQL API.