{"data":{"id":"eb9f38c3-8f4e-4e1c-baac-e5da4542d27a","title":"CVE-2026-54019: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open ","summary":"Open WebUI, a self-hosted AI platform that runs offline, had a security flaw in versions before 0.9.6 where access controls (ACL, rules that restrict who can access what) could be bypassed when a database feature called Milvus multitenancy mode was enabled. An attacker could exploit this by using a specially crafted collection name that wasn't properly cleaned before being used in a database query, allowing them to access data they shouldn't be able to reach.","solution":"Update Open WebUI to version 0.9.6 or later, where this vulnerability is fixed.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-54019","publishedAt":"2026-06-23T18:18:07.230Z","cveId":"CVE-2026-54019","cweIds":["CWE-862","CWE-943"],"cvssScore":"6.5","cvssSeverity":"medium","severity":"medium","attackType":["rag_poisoning"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Open WebUI","Milvus"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"network","attackComplexity":"low","privilegesRequired":"low","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-06-23T18:18:07.230Z","capecIds":["CAPEC-122"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"rag","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":["AML.T0020","AML.T0051.001"]}}