Improper access control in Open WebUI - CVE-2026-54016
Published: June 30, 2026
Open WebUI
Detailed vulnerability description
The vulnerability allows a remote user to disclose sensitive information.
The vulnerability exists due to improper access control in the built-in search_knowledge_files tool when handling a user-supplied knowledge_id in the "no attached knowledge" branch. A remote user can supply an arbitrary knowledge_id to enumerate metadata for files in a knowledge base they are not authorized to access, disclosing sensitive information.
Exploitation requires native function calling to be enabled, built-in tools and the knowledge tool category to be enabled, the selected model to have no attached knowledge bases, and knowledge of a valid target knowledge_id.
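As an added illustration (not Open WebUI's code, and not a claim about how the project's fix is implemented), the sketch below models the access-control defect described above: a tool that receives a caller-supplied knowledge_id and, in the branch taken when the model has no attached knowledge bases, looks the id up without checking that the requesting user may read that knowledge base. The hardened variant authorizes against the user on every path and returns the same error for unknown and forbidden ids. All names (KNOWLEDGE_STORE, user_can_read, the sample users and knowledge bases) are hypothetical and the data is constructed.

```python
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Callable


class AccessDenied(Exception):
    """Raised when the caller may not read the requested knowledge base."""


@dataclass
class KnowledgeBase:
    id: str
    owner_id: str
    shared_with: set[str] = field(default_factory=set)  # user ids granted read access
    files: list[dict] = field(default_factory=list)


# Constructed sample data (not real Open WebUI records): alice owns both
# knowledge bases and has shared only "kb-shared" with bob.
KNOWLEDGE_STORE: dict[str, KnowledgeBase] = {
    "kb-private": KnowledgeBase(
        "kb-private", owner_id="alice",
        files=[{"id": "f1", "name": "payroll.xlsx", "size": 4096}],
    ),
    "kb-shared": KnowledgeBase(
        "kb-shared", owner_id="alice", shared_with={"bob"},
        files=[{"id": "f2", "name": "handbook.pdf", "size": 1024}],
    ),
}


def user_can_read(user_id: str, kb: KnowledgeBase) -> bool:
    """Ownership or an explicit share grants read access (hypothetical policy)."""
    return user_id == kb.owner_id or user_id in kb.shared_with


def file_metadata(kb: KnowledgeBase) -> list[dict]:
    """The metadata a search tool would return for each file in the knowledge base."""
    return [{"id": f["id"], "name": f["name"], "size": f["size"]} for f in kb.files]


def search_knowledge_files_vulnerable(user_id: str, knowledge_id: str,
                                      model_knowledge_ids: set[str]) -> list[dict]:
    """Hypothetical vulnerable pattern: the lookup is constrained only when the
    model has attached knowledge bases; the fallback branch trusts knowledge_id
    and never consults user_id."""
    if model_knowledge_ids:
        # Attached-knowledge branch: the id must be one bound to the model.
        if knowledge_id not in model_knowledge_ids:
            raise AccessDenied("knowledge base is not attached to this model")
    # No-attached-knowledge branch: whatever id the caller supplied is looked up
    # with no check that user_id is allowed to read it.
    kb = KNOWLEDGE_STORE.get(knowledge_id)
    return file_metadata(kb) if kb else []


def search_knowledge_files_hardened(user_id: str, knowledge_id: str,
                                    model_knowledge_ids: set[str]) -> list[dict]:
    """Hardened form: authorize against the requesting user on every path, and
    give the same response for unknown and forbidden ids so the id space cannot
    be probed through differing errors."""
    kb = KNOWLEDGE_STORE.get(knowledge_id)
    if kb is None or not user_can_read(user_id, kb):
        raise AccessDenied("knowledge base not found or not accessible")
    if model_knowledge_ids and knowledge_id not in model_knowledge_ids:
        raise AccessDenied("knowledge base is not attached to this model")
    return file_metadata(kb)


def can_enumerate(tool: Callable[..., list[dict]], user_id: str, knowledge_id: str,
                  model_knowledge_ids: set[str] = frozenset()) -> bool:
    """True if `tool` hands at least one file record to this caller; the shape of
    a regression test for the authorization check."""
    try:
        return bool(tool(user_id, knowledge_id, set(model_knowledge_ids)))
    except AccessDenied:
        return False


if __name__ == "__main__":
    # bob holds no share on kb-private; the vulnerable branch still discloses it.
    print("vulnerable:", can_enumerate(search_knowledge_files_vulnerable, "bob", "kb-private"))  # True
    print("hardened:  ", can_enumerate(search_knowledge_files_hardened, "bob", "kb-private"))    # False
```

The check that matters is the one against the requesting user, not against the model's attachments: a model with no attached knowledge bases is exactly the case where the second check contributes nothing. A test in the shape of can_enumerate for a user without a share on the target knowledge base is the regression test worth keeping after the fix.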