GHSA-65pg-qhhw-mxwg: Open WebUI Vulnerable to Unauthenticated RAG Configuration Disclosure
Summary
Open WebUI's `/api/v1/retrieval/` endpoint exposes RAG (retrieval-augmented generation, a technique where an AI model pulls in external documents to answer questions) configuration details such as the embedding model and chunking parameters to anyone who can reach the server, without requiring login credentials. An attacker can make a single HTTP request to discover the AI infrastructure setup and craft attacks that exploit how documents are split and retrieved.
Solution / Mitigation
Add the `get_verified_user` dependency to the `get_status()` route handler so the request is rejected before the handler runs unless the caller is authenticated. Change `@router.get('/') async def get_status(request: Request):` to `@router.get('/') async def get_status(request: Request, user=Depends(get_verified_user)):`.
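The following is an added example, not code from Open WebUI or the advisory. It models FastAPI's `Depends` mechanism with a small stand-in resolver (real FastAPI is not imported), so the before and after forms of the handler can be exercised side by side: the vulnerable handler hands the RAG settings to an anonymous caller, while the fixed handler, which declares the `get_verified_user` dependency, fails with 401 before its body runs. The RAG settings, the bearer-token store and the user records are constructed sample values, and `get_verified_user` here is a simplified stand-in for the project's real session check.

```python
"""
Added example (not Open WebUI's code): a minimal stand-in for FastAPI's
`Depends` mechanism, used to show why adding the `get_verified_user`
dependency closes the unauthenticated `/api/v1/retrieval/` disclosure.
All values below (RAG settings, tokens, users) are constructed samples.
"""
import inspect
from dataclasses import dataclass, field
from typing import Optional


class HTTPException(Exception):
    """Mirrors the shape of FastAPI's HTTPException (status code + detail)."""
    def __init__(self, status_code: int, detail: str):
        super().__init__(detail)
        self.status_code = status_code
        self.detail = detail


@dataclass
class Request:
    """Only the parts of an HTTP request this example needs."""
    headers: dict = field(default_factory=dict)
    app_state: dict = field(default_factory=dict)


class Depends:
    """Marker object: 'resolve this parameter by calling `dependency` first'."""
    def __init__(self, dependency):
        self.dependency = dependency


# Constructed sample RAG configuration of the kind the advisory says is exposed.
SAMPLE_RAG_CONFIG = {
    "embedding_model": "example-embedding-model",
    "chunk_size": 1000,
    "chunk_overlap": 100,
}

# Constructed token store standing in for the real session/JWT validation.
VALID_TOKENS = {"tok-user-1": {"id": "u1", "role": "user"}}


def get_verified_user(request: Request) -> dict:
    """Authentication dependency: reject callers without a valid bearer token."""
    auth = request.headers.get("Authorization", "")
    scheme, _, token = auth.partition(" ")
    user = VALID_TOKENS.get(token) if scheme.lower() == "bearer" else None
    if user is None:
        raise HTTPException(401, "Not authenticated")
    return user


def get_status_vulnerable(request: Request) -> dict:
    """Before the fix: no auth dependency, so any caller receives the config."""
    return dict(request.app_state["rag_config"])


def get_status_fixed(request: Request, user=Depends(get_verified_user)) -> dict:
    """After the fix: the body only runs once get_verified_user has succeeded."""
    return dict(request.app_state["rag_config"])


def dispatch(handler, request: Request):
    """Tiny resolver: like FastAPI, call every Depends() before the handler."""
    kwargs = {}
    for name, param in inspect.signature(handler).parameters.items():
        if isinstance(param.default, Depends):
            # Raises HTTPException(401) for an unauthenticated request.
            kwargs[name] = param.default.dependency(request)
        elif param.annotation is Request or name == "request":
            kwargs[name] = request
    return handler(**kwargs)


def probe(handler, token: Optional[str]):
    """Return (status_code, body) for an anonymous or bearer-authenticated call."""
    headers = {"Authorization": f"Bearer {token}"} if token else {}
    request = Request(headers=headers, app_state={"rag_config": SAMPLE_RAG_CONFIG})
    try:
        return 200, dispatch(handler, request)
    except HTTPException as exc:
        return exc.status_code, {"detail": exc.detail}


if __name__ == "__main__":
    print("vulnerable, anonymous:", probe(get_status_vulnerable, None))
    print("fixed, anonymous:     ", probe(get_status_fixed, None))
    print("fixed, authenticated: ", probe(get_status_fixed, "tok-user-1"))
```

The point to verify after deploying the real fix is the middle case: an anonymous `GET /api/v1/retrieval/` must return 401 rather than the configuration body, while an authenticated session still receives it.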
Vulnerability Details
EPSS: 0.0%
Original source: https://github.com/advisories/GHSA-65pg-qhhw-mxwg
First tracked: May 14, 2026 at 08:00 PM