Incorrect authorization in Open WebUI - #VU135955
Published: June 30, 2026
Open WebUI
Detailed vulnerability description
The vulnerability allows a remote user to bypass model access restrictions.
The vulnerability exists due to incorrect authorization in the model access control checks when validating access for a stored automation model ID. Because a pending role falls through the access-control logic, a remote user holding that role can bypass model access restrictions.
This issue affects non-admin roles because private-model grants were enforced only for the exact role "user"; any other non-admin role was not subjected to the grant check.
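The role fall-through described above, shown as a constructed illustration beside a deny-by-default form. This is added example code, not Open WebUI's own implementation: the Model and User shapes, the grant structure and the function names are assumptions.

```python
# Constructed illustration of a role fall-through in a model access check.
# Not Open WebUI's code: data shapes and names are assumptions.
from dataclasses import dataclass, field


@dataclass
class Model:
    id: str
    is_private: bool
    grants: set = field(default_factory=set)  # user ids explicitly granted


@dataclass
class User:
    id: str
    role: str  # e.g. "admin", "user", "pending"


def has_model_access_vulnerable(user: User, model: Model) -> bool:
    """Flawed check: the private-model grant test runs only when the
    role is exactly "user". Any other non-admin role (such as "pending")
    skips the grant test and reaches the final allow."""
    if user.role == "admin":
        return True
    if user.role == "user":
        if not model.is_private:
            return True
        return user.id in model.grants
    return True  # fall-through: pending/unknown roles are allowed


def has_model_access_fixed(user: User, model: Model) -> bool:
    """Deny-by-default: admins pass, only active users may proceed, and
    private models still require an explicit grant for those users."""
    if user.role == "admin":
        return True
    if user.role != "user":
        return False  # pending/unknown roles get no model access
    if not model.is_private:
        return True
    return user.id in model.grants


if __name__ == "__main__":
    private = Model("m1", True, {"u1"})          # constructed sample data
    pending = User("u2", "pending")
    print(has_model_access_vulnerable(pending, private))  # True (bug)
    print(has_model_access_fixed(pending, private))       # False
```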