CVE-2026-45317
Last updated May 15, 2026 · Published May 15, 2026
Description
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, an application-wide Cross-Site Request Forgery (CSRF) vulnerability was found in Open WebUI's image uploading functionality. An attacker can set an image URL to a malicious endpoint, allowing them to perform actions on behalf of a victim user. Any authenticated user can exploit this vulnerability, and any user who views the compromised image (e.g., a profile picture) unknowingly sends a GET request to the attacker-controlled URL. This can lead to cookie theft, denial of service (DoS), or other malicious actions. This vulnerability is fixed in 0.9.3.
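The mechanism above is a stored-URL problem: the attacker persists a URL, and every later viewer's browser fetches it as an image subresource. If that URL points back at the application itself, the fetch is same-site, so the viewer's session cookie is attached even with SameSite=Lax, and any GET endpoint with side effects runs on the viewer's behalf; if it points elsewhere, the viewer's IP address and User-Agent leak to the third party and the victim's browser can be pointed at a slow or hostile host. The block below is an added example, not Open WebUI's code or its actual fix in 0.9.3. It shows one server-side policy that closes the vector: accept only an inline data: URI carrying a bounded, type-checked raster image, and explain the rejection reason for anything else. The origin `webui.example`, the data:-only policy, the size cap, the sample bytes and the sample endpoint paths are all assumptions made for illustration.

```python
"""Added example (not Open WebUI code): validate a user-supplied profile-image
value so that rendering it for other users cannot make their browsers request
an attacker-chosen URL. APP_ORIGIN, the data:-only policy and the size cap are
assumptions for this example."""
from __future__ import annotations

import base64
import binascii
import re
from urllib.parse import urlsplit

APP_ORIGIN = "https://webui.example"  # assumed deployment origin
ALLOWED_MIME = {"image/png", "image/jpeg", "image/gif", "image/webp"}
MAX_IMAGE_BYTES = 512 * 1024  # assumed cap to keep avatars small

# Constructed sample images: only the leading magic bytes matter here.
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + bytes(16)
SAMPLE_JPEG = b"\xff\xd8\xff\xe0" + bytes(16)

_DATA_URI = re.compile(
    r"^data:(?P<mime>[a-z]+/[a-z0-9.+-]+);base64,(?P<payload>[A-Za-z0-9+/=\s]*)$",
    re.IGNORECASE,
)


def _sniff(raw: bytes) -> str | None:
    """Return the image type implied by the leading bytes, or None."""
    if raw.startswith(b"\x89PNG\r\n\x1a\n"):
        return "image/png"
    if raw.startswith(b"\xff\xd8\xff"):
        return "image/jpeg"
    if raw[:6] in (b"GIF87a", b"GIF89a"):
        return "image/gif"
    if raw[:4] == b"RIFF" and raw[8:12] == b"WEBP":
        return "image/webp"
    return None


def _classify_url(value: str) -> str:
    """Explain why a non-data: value is dangerous once other users render it."""
    parts = urlsplit(value)
    if parts.scheme.lower() not in ("", "http", "https"):
        return f"non-web scheme {parts.scheme!r}"
    app_host = urlsplit(APP_ORIGIN).netloc.lower()
    # A relative path or the app's own host is a same-site subresource load:
    # the viewer's browser attaches the session cookie even with SameSite=Lax,
    # so a GET endpoint with side effects is reachable on the viewer's behalf.
    if parts.netloc == "" or parts.netloc.lower() == app_host:
        return "same-site URL: viewer's session cookie would be sent (CSRF)"
    return "remote URL: viewer's IP/User-Agent leak to a third party"


def make_data_uri(mime: str, raw: bytes) -> str:
    """Build the inline form the validator accepts (used for the samples)."""
    return f"data:{mime};base64,{base64.b64encode(raw).decode('ascii')}"


def validate_profile_image(value: str) -> tuple[bytes | None, str]:
    """Return (image_bytes, 'ok') for an acceptable inline image, otherwise
    (None, reason). Every scheme other than data: is rejected outright, so no
    stored value can ever turn into a request to an attacker-chosen URL."""
    if not value:
        return None, "rejected: empty value"
    if urlsplit(value).scheme.lower() != "data":
        return None, "rejected: " + _classify_url(value)
    m = _DATA_URI.match(value)
    if not m:
        return None, "rejected: malformed data: URI"
    mime = m.group("mime").lower()
    if mime not in ALLOWED_MIME:
        return None, f"rejected: unsupported type {mime}"
    payload = "".join(m.group("payload").split())  # tolerate wrapped base64
    try:
        raw = base64.b64decode(payload, validate=True)
    except (binascii.Error, ValueError):
        return None, "rejected: invalid base64"
    if len(raw) > MAX_IMAGE_BYTES:
        return None, "rejected: image too large"
    if _sniff(raw) != mime:
        return None, "rejected: content does not match declared type"
    return raw, "ok"


if __name__ == "__main__":
    # Constructed inputs; the endpoint paths are hypothetical, not Open WebUI's.
    for sample in (
        make_data_uri("image/png", SAMPLE_PNG),
        "https://webui.example/api/delete-account",
        "/api/delete-account",
        "https://attacker.example/track.gif",
        make_data_uri("image/svg+xml", b"<svg/>"),
    ):
        raw, reason = validate_profile_image(sample)
        print(f"{sample[:48]!r:52} -> {reason}")
```

The ordering inside `validate_profile_image` matters: the scheme check comes first so that a `javascript:`, `//host/path` or relative value never reaches the base64 parser, and the magic-byte check runs after the size cap so an oversized payload is rejected before it is inspected. If a product must accept remote URLs, the equivalent defence is to fetch the image server-side once, store the bytes, and serve them from the app's own storage; the viewer's browser should never be handed a URL the uploader chose.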
Affected products
1 listed
- open-webui:open-webui
Mappings
CWE
CAPEC
None listed.
Related
Research
- Cross-site request forgery (CSRF): how it works and how to defend it: Cross-site request forgery (CSRF) lets attackers reuse a victim's session cookie from another site. SameSite…
- Session management: secure cookies, rotation, and lifetime: Session management is the spine of authenticated web apps. Use HttpOnly, Secure, SameSite cookies, rotate on…
Guides
Training
- Input Validation and Schema Enforcement: Validate early, validate strictly - schemas, allowlists, and type-safe boundaries.
- Session Management: Tokens, cookies, and state - keeping sessions secure in stateless architectures.
- API Design That Defends Itself: REST, GraphQL, and gRPC patterns that reduce your attack surface by design.
CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use.
