CVE-2026-54019: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open
Summary
Open WebUI, a self-hosted AI platform that runs offline, had a security flaw in versions before 0.9.6: access controls (ACLs, rules that restrict who can access what) could be bypassed when Milvus multitenancy mode, a database feature, was enabled. An attacker could exploit this with a specially crafted collection name that was not properly sanitized before being used in a database query, allowing access to data they should not be able to reach.
Solution / Mitigation
Update Open WebUI to version 0.9.6 or later, where this vulnerability is fixed.
Vulnerability Details
CVSS score: 6.5 (medium)
EPSS: 0.0%
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack vector: network
Attack complexity: low
Privileges required: low
User interaction: none
June 23, 2026
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-54019
First tracked: June 24, 2026 at 02:13 AM
Classified by LLM (prompt v3) · confidence: 85%