SB2026042440 - Multiple vulnerabilities in Open WebUI

Published: April 24, 2026

Security Bulletin ID: SB2026042440
CSH Severity: Low
Patch available: YES
Number of vulnerabilities: 2
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

Low: 100%

Description

This security bulletin contains information about 2 vulnerabilities.


1) Cross-site scripting (CVE-ID: CVE-2026-26192)

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear


The vulnerability allows a remote user to execute arbitrary script in the victim's browser.

The vulnerability exists due to cross-site scripting in the citation preview iFrame rendering in CitationModal.svelte when previewing a citation containing attacker-controlled document content marked as HTML. A remote user can modify chat history to set the html metadata property and inject a crafted document payload to execute arbitrary script in the victim's browser.

User interaction is required to expand the sources and click the document containing the payload. The payload also executes when the citation is viewed in a shared chat.


2) Cross-site scripting (CVE-ID: CVE-2026-26193)

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear


The vulnerability allows a remote user to execute arbitrary script in the victim's browser.

The vulnerability exists due to cross-site scripting in the ResponseMessage.svelte iFrame embed handling when rendering user-controlled response message embeds. A remote user can modify chat history to inject a crafted embeds value to execute arbitrary script in a victim's browser.

User interaction is required to view the affected chat or a shared chat link.
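As an added example that is not part of this bulletin or of Open WebUI's code, the script below audits an exported chat object for the two user-editable fields the entries above describe (the html metadata flag on citation documents, and the embeds value on response messages) and returns a hardened copy with both neutralised. The chat shape it walks is an assumption made for the example, not the project's real schema.

```javascript
// Added example, not Open WebUI's own code. It audits an exported chat object
// for the two untrusted fields named in the bulletin and returns a hardened copy.
// ASSUMPTION: the shape messages[].sources[].metadata[].html and messages[].embeds
// is invented for this example; map it to the real schema before use.

// Constructed sample chat history: one citation flagged as HTML, one embeds field.
const SAMPLE_CHAT = {
  messages: [
    { role: 'assistant', content: 'See [1].',
      sources: [{ document: ['<p>doc text</p>'], metadata: [{ html: true, name: 'doc.pdf' }] }] },
    { role: 'assistant', content: 'Preview:', embeds: ['<iframe src="https://example.invalid"></iframe>'] },
    { role: 'user', content: 'hello' },
  ],
};

// Walk the chat and report every place where a user-editable field would be
// rendered as live HTML. Returns [{ path, reason }], empty when nothing is found.
function auditChat(chat) {
  const findings = [];
  (chat.messages || []).forEach((msg, i) => {
    (msg.sources || []).forEach((src, j) => {
      (src.metadata || []).forEach((meta, k) => {
        if (meta && meta.html === true) {
          findings.push({ path: `messages[${i}].sources[${j}].metadata[${k}].html`,
                          reason: 'citation document marked as HTML (CVE-2026-26192 path)' });
        }
      });
    });
    if (Array.isArray(msg.embeds) && msg.embeds.length > 0) {
      findings.push({ path: `messages[${i}].embeds`,
                      reason: 'response message carries embeds (CVE-2026-26193 path)' });
    }
  });
  return findings;
}

// Return a deep copy with the HTML flag forced off and embeds dropped, so the
// citation preview falls back to plain-text rendering. The input is not mutated.
function hardenChat(chat) {
  const copy = JSON.parse(JSON.stringify(chat));
  for (const msg of copy.messages || []) {
    for (const src of msg.sources || []) {
      for (const meta of src.metadata || []) if (meta) meta.html = false;
    }
    delete msg.embeds;
  }
  return copy;
}
```

Until the vendor update is applied, the same audit can be run over stored chats to find entries that already carry these fields, and any iframe that must still display untrusted content should carry a sandbox attribute that omits allow-scripts.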


Remediation

Install the update from the vendor's website.