Improper access control in Open WebUI - #VU136846
Published: July 3, 2026
Open WebUI
Detailed vulnerability description
The vulnerability allows a remote user to disclose sensitive information.
The vulnerability exists due to improper access control in the get_all_models handlers in routers/openai.py and routers/ollama.py, which cache permission-filtered model lists. A remote user can request the model list within the cache TTL window to disclose sensitive information.
The exposure is timing-dependent and limited to the most recently cached permission-filtered model list, and the attacker cannot choose which other user's list is returned.
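The caching flaw described above, as an added Python illustration (not Open WebUI's code; the cache class, function names, users and model names are all constructed for the example). A list filtered for one user and stored under a shared key is served to the next caller until the TTL expires, while caching only the unfiltered list and filtering on every request is one way to avoid that.

```python
import time

# Constructed sample data: per-user model permissions (hypothetical names).
ACL = {"alice": {"public-7b", "finance-internal"}, "bob": {"public-7b"}}
ALL_MODELS = ["public-7b", "finance-internal"]


class TTLCache:
    """Minimal TTL cache; the clock is injectable so expiry can be exercised."""

    def __init__(self, ttl, clock=time.monotonic):
        self.ttl, self.clock, self._data = ttl, clock, {}

    def get(self, key):
        entry = self._data.get(key)
        if entry is not None and self.clock() - entry[0] < self.ttl:
            return entry[1]
        return None

    def set(self, key, value):
        self._data[key] = (self.clock(), value)


def filter_for(user, models):
    """Access check: keep only the models this user is allowed to see."""
    return [m for m in models if m in ACL[user]]


def get_models_shared_key(cache, user):
    """Flawed: the result filtered for one user is cached under a global key."""
    cached = cache.get("models")
    if cached is None:
        cached = filter_for(user, ALL_MODELS)
        cache.set("models", cached)
    return cached  # whoever asks next within the TTL gets this user's list


def get_models_filter_per_request(cache, user):
    """Safer: cache only the unfiltered list, apply the ACL on every call."""
    upstream = cache.get("all_models")
    if upstream is None:
        upstream = list(ALL_MODELS)  # stands in for the backend fetch
        cache.set("all_models", upstream)
    return filter_for(user, upstream)


if __name__ == "__main__":
    cache = TTLCache(ttl=1)
    print("alice:", get_models_shared_key(cache, "alice"))
    print("bob (within TTL):", get_models_shared_key(cache, "bob"))
    print("bob (fixed):", get_models_filter_per_request(TTLCache(ttl=1), "bob"))
```

Keying the cache entry on the requesting user's identity is another way to get the same isolation, at the cost of permission changes lagging by up to one TTL.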