{"data":{"id":"01570547-4bcf-4f29-b1a7-c823c05c4a42","title":"GHSA-65pg-qhhw-mxwg: Open WebUI Vulnerable to Unauthenticated RAG Configuration Disclosure","summary":"Open WebUI's `/api/v1/retrieval/` endpoint exposes RAG (retrieval-augmented generation, a technique where an AI pulls in external documents to answer questions) configuration details such as embedding models and chunking parameters to anyone on the internet, without requiring login credentials. An attacker can make a single HTTP request to discover the AI infrastructure setup and use that knowledge to craft attacks that exploit how documents are split and retrieved.","solution":"Add the `get_verified_user` dependency to the `get_status()` function so the endpoint requires an authenticated user. Change `@router.get('/') async def get_status(request: Request):` to `@router.get('/') async def get_status(request: Request, user=Depends(get_verified_user)):`","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-65pg-qhhw-mxwg","publishedAt":"2026-05-14T20:26:34.000Z","cveId":"CVE-2026-45397","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["rag_poisoning"],"issueType":"vulnerability","affectedPackages":["open-webui@< 0.9.5 (fixed: 0.9.5)"],"affectedVendors":[],"affectedVendorsRaw":["Open WebUI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-05-14T20:26:34.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"rag","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}