Main Vulnerability Database SB2026051163

SB2026051163 - Server-Side Request Forgery (SSRF) in Open WebUI

Published: May 11, 2026

Security Bulletin ID SB2026051163

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Server-Side Request Forgery (SSRF) (CVE-ID: N/A)

The vulnerability allows a remote user to trigger arbitrary server-side GET requests.

The vulnerability exists due to server-side request forgery in the PDF generate function when processing user-supplied HTML during PDF export. A remote user can inject a crafted image tag to trigger arbitrary server-side GET requests.

The issue is blind, so responses could not be read during testing, but internal assets may be enumerated through response delays.

Remediation

Install update from vendor's website.

References

https://github.com/open-webui/open-webui/security/advisories/GHSA-f776-fp4w-266c
https://github.com/open-webui/open-webui/commit/167c8bf00d165af523acfc3b870749f6be6d3e57