CVE-2026-29071

Published
View on NVD ↗
CVSS v3
3.1
LOW
CVSS v2
N/A
Affected
1
PROJECT

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can read other users' private memories via `/api/v1/retrieval/query/collection`. Version 0.8.6 patches the issue.

open-webui/open-webui
open-webui/open-webui
User-friendly AI Interface (Supports Ollama, OpenAI API, ...)
GitHubGitHub
143K