{"data":{"id":"fdd359ff-1a08-4ec1-8437-048defa9becb","title":"CVE-2026-44556: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint did not enforce per-model access checks.","summary":"Open WebUI, a self-hosted AI platform that runs offline, had a security flaw in versions before 0.9.0 where the /responses endpoint allowed any logged-in user to access any model on the system without proper permission checks. While the main chat endpoint verified that users had the right to use specific models through ownership, group membership, and access grants, the /responses proxy skipped these checks and only confirmed the user was logged in, letting any authenticated user invoke models they were not authorized to use.","solution":"This vulnerability is fixed in 0.9.0.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-44556","publishedAt":"2026-05-15T20:16:47.097Z","cveId":"CVE-2026-44556","cweIds":["CWE-284","CWE-862"],"cvssScore":"7.1","cvssSeverity":"high","severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Open WebUI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","attackVector":"network","attackComplexity":"low","privilegesRequired":"low","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-05-15T20:16:47.097Z","capecIds":["CAPEC-122"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}