Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2628 articles · 174587 vulns · 37/41 feeds (7d)
← Back to list
8.3
CVE-2026-54010PATCHED
python · open-webui

Open WebUI: Forged chat-file link allows cross-user file read and deletion

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets an authenticated user attach arbitrary file_id values to their own chat message without checking whether they own or can read those files. If the attacker then shares that chat and grants themselves read access, has_access_to_file() treats the victim file as accessible through the shared chat, and the file endpoints read or delete the victim file. This vulnerability is fixed in 0.9.6.

Affected Products

VendorProductVersions
pythonopen-webui< 0.9.6

References

  • https://github.com/open-webui/open-webui/security/advisories/GHSA-vrhc-3fr6-pc3c(x_refsource_CONFIRM)

Related News (1 articles)

Tier C
VulDB21d ago
CVE-2026-54010 | open-webui Open WebUI up to 0.9.5 Forged Chat-File Link access control
→ No new info (linked only)
CVSS 3.18.3 HIGH
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
CISA KEV❌ No
Actively exploited❌ No
Patch available
null
CWECWE-284, CWE-639, CWE-862
PublishedJun 17, 2026
Last enriched21d agov2
Tags
GHSA-vrhc-3fr6-pc3cpip
Trending Score4
Source articles1
Independent1
Info Completeness9/14
Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

NONECVE-2026-15308EXP
Incremental HTMLParser feed() allows CPU-exhaustion DoS via repeated unterminated markup declarations
Trending: 68
MEDIUMCVE-2026-55380EXP
Pillow GdImageFile decompression bomb protection bypass
Trending: 25
MEDIUMCVE-2026-55798EXP
Pillow: WindowsViewer.get_command() OS command injection via unescaped shell path
Trending: 21
HIGHCVE-2026-54006
Open WebUI: Calendar event re-parenting allows writing events into another user's calendar
Trending: 4
HIGHCVE-2026-54013
Open WebUI: Stored XSS to Account Takeover via Model Profile Images in Open WebUI
Trending: 4

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jun 17, 2026
Discovered by ZDM
Jun 17, 2026
Updated: severity, patchAvailable
Jun 21, 2026
Patch Available
Jun 24, 2026

Version History

v2
Last enriched 21d ago
v2Tier C21d ago

Updated severity to CRITICAL and corrected exploit availability to false.

severitypatchAvailable
via VulDB
v125d ago

Initial creation