Open Webui CVEs and Security Vulnerabilities

Filtered by vendor Openwebui Subscriptions

Filtered by product Open Webui Subscriptions

Switch to Advanced Search (Beta)

Total 21 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-7049	2 Open-webui, Openwebui	2 Open-webui, Open Webui	2024-10-17	5.4 Medium
In version v0.3.8 of open-webui/open-webui, a vulnerability exists where a token is returned when a user with a pending role logs in. This allows the user to perform actions without admin confirmation, bypassing the intended approval process.

« first previous Page 2 of 2.