CVE-2026-29071

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via `/api/v1/retrieval/query/collection`. Version 0.8.6 patches the issue.

CVSS v3 3.1 LOW

3.1^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.6 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/open-webui/open-webui/security/advisories/GHSA-w9f8-gxf9-rhvw	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openwebui:open_webui:*:*:*:*:*:*:*:*

History

01 Apr 2026, 16:09

Type	Values Removed	Values Added
First Time		Openwebui open Webui Openwebui
CPE		cpe:2.3:a:openwebui:open_webui::::::::
References	~~() https://github.com/open-webui/open-webui/security/advisories/GHSA-w9f8-gxf9-rhvw -~~	() https://github.com/open-webui/open-webui/security/advisories/GHSA-w9f8-gxf9-rhvw - Exploit, Vendor Advisory

30 Mar 2026, 13:26

Type	Values Removed	Values Added
Summary		(es) Open WebUI es una plataforma de inteligencia artificial autoalojada diseñada para operar completamente sin conexión. Antes de la versión 0.8.6, cualquier usuario autenticado puede leer las memorias privadas de otros usuarios a través de '/API/v1/retrieval/query/collection'. La versión 0.8.6 corrige el problema.

27 Mar 2026, 00:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-27 00:16

Updated : 2026-04-01 16:09

NVD link : CVE-2026-29071

Mitre link : CVE-2026-29071

CVE.ORG link : CVE-2026-29071

JSON object : View

Products Affected

openwebui

open_webui

CWE

CWE-639

Authorization Bypass Through User-Controlled Key

{"id": "CVE-2026-29071", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.6}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2026-03-27T00:16:22.983", "references": [{"url": "https://github.com/open-webui/open-webui/security/advisories/GHSA-w9f8-gxf9-rhvw", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via `/api/v1/retrieval/query/collection`. Version 0.8.6 patches the issue."}, {"lang": "es", "value": "Open WebUI es una plataforma de inteligencia artificial autoalojada dise\u00f1ada para operar completamente sin conexi\u00f3n. Antes de la versi\u00f3n 0.8.6, cualquier usuario autenticado puede leer las memorias privadas de otros usuarios a trav\u00e9s de '/API/v1/retrieval/query/collection'. La versi\u00f3n 0.8.6 corrige el problema."}], "lastModified": "2026-04-01T16:09:53.443", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openwebui:open_webui:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98042D01-E16B-45CE-9BBC-E5A6E2AA2370", "versionEndExcluding": "0.8.6"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}