MEDIUM SeverityCVSS 3.15.4CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CVE-2026-45365

Last updated May 15, 2026 · Published May 15, 2026

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypass_filter parameter is exposed on the /openai/chat/completions and /ollama/api/chat HTTP endpoints via FastAPI query string binding, allowing any authenticated user to append ?bypass_filter=true and bypass model access control checks to invoke admin-restricted models. This vulnerability is fixed in 0.8.11.

Affected products

1 listed

open-webui:open-webui

Mappings

CWE

CWE-285

CAPEC

None listed.

Research

Insecure direct object references (IDOR): detection and preventionInsecure direct object references let users access other users' data by changing an ID. Enforce object-level…

Training

Authorisation and Access ControlRBAC, ABAC, and privilege escalation patterns in real applications.

CVE-2026-45365

Description

Affected products

Mappings

Related