Open WebUI Vulnerabilities

pip ML UI
Risk Score: 38
Total CVEs: 92
Critical: 1
Ecosystem: pip
Last CVE: May 14, 2026
Patch Rate: 74%
Avg Time to Patch: 4d
137,383 stars 19,613 forks 302 issues Last push May 15, 2026

Known Vulnerabilities (92 total, page 4 of 4)

| Severity | CVE ID | Summary | CVSS | Published |
|---|---|---|---|---|
| MEDIUM | CVE-2024-7033 | open-webui: path traversal allows file write and RCE | 6.5 | Mar 20, 2025 |
| MEDIUM | CVE-2024-7046 | Open WebUI: missing authz leaks admin credentials | 4.3 | Mar 20, 2025 |
| HIGH | CVE-2024-7053 | open-webui: XSS enables admin session hijack via chat | 7.6 | Mar 20, 2025 |
| HIGH | GHSA-w466-2wfc-8g58 | open-webui: DoS via starlette memory exhaustion | 7.5 | Mar 20, 2025 |
| HIGH | GHSA-6wj5-5pgr-jwq8 | open-webui: DoS via malformed multipart boundary | 7.5 | Mar 20, 2025 |
| HIGH | CVE-2024-7806 | Open-WebUI: CSRF enables RCE via pipeline code injection | 8.0 | Mar 20, 2025 |
| HIGH | CVE-2024-7983 | open-webui: unauthenticated DoS via markdown parser | 7.5 | Mar 20, 2025 |
| HIGH | CVE-2024-8053 | Open-WebUI: unauthenticated PDF endpoint enables DoS | 7.5 | Mar 20, 2025 |
| HIGH | CVE-2024-8060 | OpenWebUI: path traversal RCE via audio upload API | 8.1 | Mar 20, 2025 |
| HIGH | CVE-2024-7990 | open-webui: Stored XSS enables admin session hijack | 8.4 | Mar 20, 2025 |
| MEDIUM | CVE-2024-7035 | Open WebUI: CSRF wipes RAG DB and AI memories via GET | 6.9 | Mar 20, 2025 |
| HIGH | CVE-2024-7036 | open-webui: unauthenticated DoS disables Admin panel | 7.5 | Mar 20, 2025 |
| HIGH | CVE-2025-64495 | Open WebUI: XSS-to-RCE via malicious prompt injection | 8.7 | Nov 7, 2025 |
| HIGH | CVE-2025-64496 | open-webui: Code Injection enables RCE | 7.3 | Nov 7, 2025 |
| HIGH | CVE-2025-65958 | open-webui: SSRF allows internal network access | 8.5 | Dec 4, 2025 |
| LOW | CVE-2025-63681 | open-webui: Access Control bypass enables privilege escalation | -- | Dec 4, 2025 |
| HIGH | CVE-2024-7959 | Open-WebUI: SSRF via unchecked OpenAI URL leaks internal secrets | 7.7 | Mar 20, 2025 |

Showing 76–92 of 92
