CVE-2026-34222

Open WebUI has Broken Access Control in Tool Valves

CVSS 7.7 HIGH · EPSS 5.3% · CWE-285
In short

Open WebUI allows unauthorized users to access or modify tool settings that should be restricted to administrators. This means someone without proper permissions could change how AI tools behave, potentially accessing sensitive data or disrupting system functions.

Technical detail

A broken access control vulnerability in tool valves (CWE-285) permits authenticated or unauthenticated users to bypass authorization checks and read/modify tool configurations in Open WebUI versions prior to 0.8.11. The vulnerability affects the tool management endpoint, potentially allowing privilege escalation or unauthorized system manipulation without requiring elevated credentials.

Summary generated and translated by AI from the official description.
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.11, there is a broken access control vulnerability in tool valves. This issue has been patched in version 0.8.11.

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Affected products
open-webui · open-webui