CVE-2026-34222
Published: 01 April 2026
Summary
CVE-2026-34222 is a high-severity Improper Authorization (CWE-285) vulnerability in Open WebUI (vendor: openwebui). Its CVSS base score is 7.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability is ranked at the 1.8th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a referenced public proof-of-concept.
This vulnerability is AI-related and is categorised as Other AI Platforms.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) (AI-generated)
- AC-3 (Access Enforcement): Enforces approved authorizations for logical access to information and system resources, directly mitigating the broken access control in Open WebUI tool values that gives low-privileged attackers unauthorized access to sensitive data.
- SI-2 (Flaw Remediation): Requires timely identification, reporting, and correction of system flaws such as CVE-2026-34222; here that means patching to version 0.8.11.
- AC-6 (Least Privilege): Restricts low-privileged users and processes to only the accesses they need, limiting the scope and impact of data exposure through the broken access control.
MITRE ATT&CK Enterprise Techniques (AI-generated)
- T1190 (Exploit Public-Facing Application)
Why these techniques?
Open WebUI is a network-accessible web application, so its broken access control can be exploited remotely as a public-facing application (T1190); a low-privileged account suffices, and the result is unauthorized exposure of sensitive data.
NVD Description
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.11, there is a broken access control vulnerability in tool values. This issue has been patched in version 0.8.11.
Deeper analysis (AI-generated)
CVE-2026-34222 is a broken access control vulnerability (CWE-285) in tool values affecting Open WebUI, a self-hosted artificial intelligence platform designed to operate entirely offline. The issue impacts versions prior to 0.8.11 and has a CVSS v3.1 base score of 7.7 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
The vulnerability can be exploited remotely over the network by an attacker with low privileges, requiring low attack complexity and no user interaction. Successful exploitation results in a changed scope with high confidentiality impact, enabling unauthorized access to sensitive data.
The issue has been addressed in Open WebUI version 0.8.11. Security practitioners should upgrade to this version for mitigation. Relevant details are provided in the GitHub release notes (https://github.com/open-webui/open-webui/releases/tag/v0.8.11), the GitHub security advisory (https://github.com/open-webui/open-webui/security/advisories/GHSA-7429-hxcv-268m), and a Full Disclosure mailing list post (http://seclists.org/fulldisclosure/2026/Apr/4).
Because Open WebUI is typically self-hosted, this vulnerability is relevant to organizations running offline AI/ML tooling, particularly where the instance handles sensitive data.
Details
- CWE(s): CWE-285 (Improper Authorization)
- Affected Products: Open WebUI prior to version 0.8.11
AI Security Analysis (AI-generated)
- AI Category: Other AI Platforms
- Risk Domain: N/A
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: artificial intelligence