Path traversal in Open WebUI - #VU130180

 


Published: May 5, 2026


Vulnerability identifier: #VU130180
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Open WebUI
Affected software:
Open WebUI

Detailed vulnerability description

The vulnerability allows a remote user to overwrite and delete arbitrary files.

The vulnerability exists due to path traversal in the /ollama/models/upload API route when handling file upload requests with a crafted filename. A remote user can upload a file with dot-segments in its filename to overwrite and delete arbitrary files.

The file is temporarily written to disk before being forwarded to an internal API and then removed, so exploitation is limited to files writable by the account running the web server.
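The following added example is not Open WebUI's code or the vendor's fix. It contrasts joining a client-supplied upload filename directly onto a temporary directory with a confined version that keeps only the final path component and verifies the resolved path stays under that directory. The function names and sample filenames are hypothetical.

```python
import os
import tempfile
import uuid
from pathlib import Path


class UnsafeFilename(ValueError):
    """Raised when a client-supplied filename cannot be confined to the upload directory."""


def naive_upload_path(upload_dir: str, filename: str) -> Path:
    # Weak pattern: the client-controlled name is joined as-is, so dot-segments
    # or an absolute path decide where the temporary file is written and removed.
    return Path(os.path.normpath(os.path.join(upload_dir, filename)))


def safe_upload_path(upload_dir: str, filename: str) -> Path:
    base = Path(upload_dir).resolve()
    # Keep only the final component; treat backslashes as separators too.
    name = os.path.basename(filename.replace("\\", "/"))
    if name in ("", ".", "..") or "\x00" in name:
        raise UnsafeFilename(filename)
    # A server-generated prefix keeps two uploads from colliding on one name.
    candidate = (base / f"{uuid.uuid4().hex}_{name}").resolve()
    # Defence in depth: the resolved path must still sit under the base directory.
    if not candidate.is_relative_to(base):
        raise UnsafeFilename(filename)
    return candidate


def demo() -> dict:
    # Constructed sample filenames, not taken from the advisory.
    samples = ["model.gguf", "../../etc/app.conf", "/var/lib/app/data.db", ".."]
    with tempfile.TemporaryDirectory() as upload_dir:
        base = Path(upload_dir).resolve()
        results = {}
        for s in samples:
            naive_inside = naive_upload_path(str(base), s).is_relative_to(base)
            try:
                safe_inside = safe_upload_path(str(base), s).is_relative_to(base)
            except UnsafeFilename:
                safe_inside = None  # rejected outright
            results[s] = (naive_inside, safe_inside)
        return results


if __name__ == "__main__":
    for name, (naive, safe) in demo().items():
        print(f"{name!r}: naive inside={naive}, safe inside={safe}")
```

Because the temporary file is both written and later removed at the computed path, the same confined path should be used for the cleanup step as for the write.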


Remediation

Install the security update from the vendor's website.
