Authorization bypass through user-controlled key in Open WebUI - #VU130945


Published: May 11, 2026


Vulnerability identifier: #VU130945
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-639
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Open WebUI
Affected software:
Open WebUI

Detailed vulnerability description

The vulnerability allows a remote user to disclose sensitive information and modify another user's conversation.

The vulnerability exists due to authorization bypass through a user-controlled key (CWE-639) in the /api/chat/completions endpoint when a request references an existing chat by chat_id. The endpoint authenticates the caller's API key but does not verify that the chat identified by chat_id belongs to that caller. A remote authenticated user can therefore send a request with their own API key and another user's chat ID to disclose sensitive information from, and modify, that user's conversation.

Exploitation requires knowledge of the target user's chat ID, and both the attacker and the victim must have access to the model used by the chat.
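The following is an added illustration of the pattern the advisory describes, not Open WebUI's code: a constructed in-memory model of a completions handler that authenticates the API key and checks model access but takes chat_id straight from the request body as the lookup key, next to a hardened version that scopes the lookup to the caller. The user, chat and model identifiers, the handler names and the probe helper are all assumptions made for the example.

```python
# Added illustration of CWE-639 as described in the advisory; constructed model, not Open WebUI code.
from dataclasses import dataclass, field


@dataclass
class User:
    user_id: str
    models: set  # model ids this user is allowed to use


@dataclass
class Chat:
    chat_id: str
    owner_id: str
    model_id: str
    messages: list = field(default_factory=list)


class AuthError(Exception):
    """Raised when the caller is not allowed to perform the request."""


# Constructed sample data (assumption): two users sharing one model, one chat owned by alice.
API_KEYS = {
    "key-alice": User("alice", {"demo-model"}),
    "key-bob": User("bob", {"demo-model"}),
}


def sample_chats() -> dict:
    """Fresh chat store per run, keyed by chat_id (the user-controlled key)."""
    return {
        "chat-a1": Chat("chat-a1", "alice", "demo-model",
                        [{"role": "user", "content": "alice's private notes"}]),
    }


def authenticate(api_key: str) -> User:
    """Map the API key to a user. The vulnerable handler does perform this step."""
    user = API_KEYS.get(api_key)
    if user is None:
        raise AuthError("invalid API key")
    return user


def completion_vulnerable(api_key: str, body: dict, chats: dict) -> dict:
    """CWE-639 pattern: chat_id from the request body is used directly as the lookup key.
    Authentication and the model check pass, but nothing ties the chat to the caller."""
    caller = authenticate(api_key)
    chat = chats.get(body["chat_id"])
    if chat is None:
        raise KeyError("chat not found")
    if chat.model_id not in caller.models:
        raise AuthError("model not permitted for this user")
    # Missing here: chat.owner_id == caller.user_id
    chat.messages.append({"role": "user", "content": body["content"]})
    return {"chat_id": chat.chat_id, "history": list(chat.messages)}


def completion_fixed(api_key: str, body: dict, chats: dict) -> dict:
    """Hardened: the lookup is scoped to the caller. A chat owned by someone else is
    treated exactly like a missing one, so the response does not confirm the id exists."""
    caller = authenticate(api_key)
    chat = chats.get(body["chat_id"])
    if chat is None or chat.owner_id != caller.user_id:
        raise KeyError("chat not found")
    if chat.model_id not in caller.models:
        raise AuthError("model not permitted for this user")
    chat.messages.append({"role": "user", "content": body["content"]})
    return {"chat_id": chat.chat_id, "history": list(chat.messages)}


def probe_cross_user(handler):
    """Regression check for the advisory's scenario: bob uses his own key with alice's chat_id.
    Returns the response bob received, or None if the request was refused."""
    chats = sample_chats()
    try:
        return handler("key-bob", {"chat_id": "chat-a1", "content": "appended by bob"}, chats)
    except (KeyError, AuthError):
        return None


if __name__ == "__main__":
    for name, handler in (("vulnerable", completion_vulnerable), ("fixed", completion_fixed)):
        print(name, "->", probe_cross_user(handler))
```

Against the vulnerable handler the probe returns alice's history with bob's message appended to it, which is exactly the read-plus-modify outcome in the description; against the fixed handler it returns None. Folding the ownership test into the "not found" branch, rather than returning a distinct "forbidden" error, also avoids confirming to the caller which chat IDs exist.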


Remediation

Install security update from vendor's website.

Sources