CVE-2026-59224
open-webui · open-webui
Open WebUI is vulnerable to authentication bypass and spoofing, which could allow a remote, authenticated user to achieve total system compromise through cross-site scripting or related vectors.
Executive summary
An authentication bypass and spoofing vulnerability in Open WebUI versions prior to 0.10.0 allows attackers to achieve unauthorized control over the self-hosted AI platform.
Vulnerability
This vulnerability is rooted in improper authentication and spoofing mechanisms. An authenticated attacker can exploit these weaknesses to bypass security controls, potentially leading to unauthorized access and complete compromise of the platform.
Business impact
The CVSS score of 8.0 indicates a high-severity risk. Since Open WebUI is a self-hosted AI platform, a successful exploit could lead to full administrative takeover, unauthorized data access, and the potential for the platform to be used as a pivot point for further attacks within the internal network.
Remediation
Immediate Action: Update Open WebUI to version 0.10.0 or higher immediately to resolve the authentication bypass flaws.
Proactive Monitoring: Review audit logs for suspicious login activity, unauthorized changes to administrative settings, or unexpected session tokens that might indicate an authentication bypass attempt.
Compensating Controls: Restrict network access to the Open WebUI instance using a VPN or IP allowlisting to ensure only trusted users can interact with the interface.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability represents a critical risk to the security of your self-hosted AI infrastructure. Administrators must immediately upgrade to version 0.10.0 to mitigate the risk of authentication bypass and prevent unauthorized access to sensitive system resources.