Origin validation error in Open WebUI - CVE-2026-54007
Published: June 30, 2026
Open WebUI
Detailed vulnerability description
The vulnerability allows a remote attacker to trigger unauthorized prompt submission and model or tool execution under the victim's session.
The vulnerability exists due to improper origin validation in the chat message listener in src/lib/components/chat/Chat.svelte when processing cross-origin postMessage messages. A remote attacker can send crafted input:prompt and action:submit messages to trigger unauthorized prompt submission and model or tool execution under the victim's session.
The victim must be authenticated to Open WebUI in the browser, and user interaction is required: the victim must open the attacker-controlled page.
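The mitigation for this class of bug is a strict origin check in the `message` listener before any chat state is touched. The following is an added example, not Open WebUI's own code: the message types `input:prompt` and `action:submit` come from the advisory, while the `{ type, payload }` message shape, the allowlisted origin and all function names are assumptions made for the illustration.

```javascript
// Added example (not Open WebUI's own code): a postMessage listener that validates
// event.origin before acting on a message. The types "input:prompt" and "action:submit"
// come from the advisory; the { type, payload } message shape, the allowlisted origin
// and the function names are assumptions made for this illustration.

// Exact-match allowlist. Prefix or substring checks such as
// origin.startsWith("https://app.example.com") are bypassable by lookalike hosts,
// so whole-string comparison only. The origin is a constructed placeholder.
const ALLOWED_ORIGINS = new Set(["https://app.example.com"]);

// "null" (opaque origins: sandboxed iframes, data: URLs, file:) is never trusted.
function isTrustedOrigin(origin) {
  return typeof origin === "string" && origin !== "null" && ALLOWED_ORIGINS.has(origin);
}

// Builds the window "message" listener. `actions` maps a message type to the
// privileged function it triggers. The listener returns an audit record for
// every event so rejected messages can be logged and the decision tested.
function makeChatMessageHandler(actions) {
  return function onMessage(event) {
    const type = event.data && event.data.type;
    const record = { origin: event.origin, type, accepted: false };
    // The fix: check the origin before touching any chat state.
    if (!isTrustedOrigin(event.origin)) {
      return { ...record, reason: "untrusted-origin" };
    }
    // Own-property lookup only, so "constructor" or "__proto__" cannot resolve to a function.
    if (!Object.prototype.hasOwnProperty.call(actions, type) || typeof actions[type] !== "function") {
      return { ...record, reason: "unknown-message-type" };
    }
    actions[type](event.data.payload);
    return { ...record, accepted: true };
  };
}

// Minimal stand-in for the chat state the real component would mutate.
function createChatState() {
  const state = { prompt: "", submitted: 0 };
  const handler = makeChatMessageHandler({
    "input:prompt": (payload) => { state.prompt = String(payload ?? ""); },
    "action:submit": () => { state.submitted += 1; },
  });
  return { state, handler };
}

// In a browser this is window.addEventListener("message", createChatState().handler);
// here constructed MessageEvent-like objects are passed to the handler directly.
const demo = createChatState();
demo.handler({ origin: "https://untrusted.example.net", data: { type: "action:submit" } }); // rejected
demo.handler({ origin: "https://app.example.com", data: { type: "input:prompt", payload: "hi" } }); // accepted
```

A rejected record with `reason: "untrusted-origin"` is worth sending to telemetry: a burst of them from one origin is the visible trace of an attempted cross-origin drive of the chat.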