CVE-2026-34222

Published April 1st, 2026

View on NVD ↗

CVSS v3

7.7

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.11, there is a broken access control vulnerability in tool values. This issue has been patched in version 0.8.11.

open-webui/open-webui

User-friendly AI Interface (Supports Ollama, OpenAI API, ...)

GitHub

143K