Cyber Resilience

CVE-2026-45301

High · Public PoC

Published: 15 May 2026
Modified: 18 May 2026
KEV Added: not listed
Patch: fixed in 0.3.16
CVSS Score v3.1: 8.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)
EPSS Score: 0.0027 (19.1st percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-45301 is a high-severity Improper Access Control (CWE-284) vulnerability in Open WebUI (listed as Openwebui Open Webui). Its CVSS base score is 8.1 (High): the vector requires a low-privileged authenticated account (PR:L) and no user interaction, with high confidentiality and integrity impact and no availability impact.

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005). It is ranked at the 19.1st percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as LLM Application Platforms; in the Privacy and Disclosure risk domain.


Vulnerability details

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.3.16, a missing permission check in all files-related API endpoints allows any authenticated user to list, access and delete every file uploaded by every user to the platform. This vulnerability is fixed in 0.3.16.
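The pattern described above is authentication without object-level authorization: the handler confirms a session exists and then serves whatever file ID was requested. The following is an added example, not Open WebUI's code and not taken from the advisory: a minimal file API in the vulnerable shape beside the hardened shape that also compares the file's owner with the caller (or an admin role). The user model, roles, store, handler names and the two sample uploads are hypothetical.

```python
"""Added illustration of the CWE-284 pattern behind CVE-2026-45301 (not Open WebUI
code): a file API that checks only authentication beside one that also checks
object ownership. Users, roles, the store and the handler names are hypothetical."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Type


class AuthError(Exception):
    """No valid session (HTTP 401 equivalent)."""


class Forbidden(Exception):
    """Valid session but not permitted for this object (HTTP 403 equivalent)."""


@dataclass
class User:
    id: str
    role: str = "user"  # assumed roles: "user" or "admin"


@dataclass
class StoredFile:
    id: str
    owner_id: str
    filename: str
    content: bytes


@dataclass
class FileStore:
    files: Dict[str, StoredFile] = field(default_factory=dict)


def _require_user(user: Optional[User]) -> User:
    """Authentication only: any logged-in user passes."""
    if user is None:
        raise AuthError("login required")
    return user


# --- Vulnerable shape: the session is checked, the object's owner is not ---------

def list_files_vuln(store: FileStore, user: Optional[User]) -> List[str]:
    _require_user(user)
    return sorted(store.files)  # every user's uploads


def get_file_vuln(store: FileStore, user: Optional[User], file_id: str) -> StoredFile:
    _require_user(user)
    return store.files[file_id]  # no owner comparison


def delete_file_vuln(store: FileStore, user: Optional[User], file_id: str) -> None:
    _require_user(user)
    del store.files[file_id]


# --- Hardened shape: object-level authorization on every file endpoint ------------

def _can_access(user: User, f: StoredFile) -> bool:
    return f.owner_id == user.id or user.role == "admin"


def _load_authorized(store: FileStore, user: User, file_id: str) -> StoredFile:
    f = store.files.get(file_id)
    if f is None:
        raise KeyError(file_id)
    if not _can_access(user, f):
        raise Forbidden(f"{user.id} may not access {file_id}")
    return f


def list_files_fixed(store: FileStore, user: Optional[User]) -> List[str]:
    u = _require_user(user)
    return sorted(fid for fid, f in store.files.items() if _can_access(u, f))


def get_file_fixed(store: FileStore, user: Optional[User], file_id: str) -> StoredFile:
    return _load_authorized(store, _require_user(user), file_id)


def delete_file_fixed(store: FileStore, user: Optional[User], file_id: str) -> None:
    _load_authorized(store, _require_user(user), file_id)  # raises unless permitted
    del store.files[file_id]


def make_demo_store():
    """Constructed fixture: two users with one upload each, plus an admin."""
    store = FileStore()
    store.files["f-alice"] = StoredFile("f-alice", "alice", "notes.txt", b"alice's data")
    store.files["f-bob"] = StoredFile("f-bob", "bob", "todo.txt", b"bob's data")
    return store, User("alice"), User("bob"), User("root", role="admin")


def raises(exc: Type[BaseException], fn: Callable, *args) -> bool:
    """True if fn(*args) raises exc."""
    try:
        fn(*args)
    except exc:
        return True
    return False


def demo_outcomes() -> Dict[str, object]:
    """Send the same cross-user requests to both shapes and report what each allowed."""
    store, alice, bob, admin = make_demo_store()
    out: Dict[str, object] = {
        "vuln_list_as_bob": list_files_vuln(store, bob),
        "fixed_list_as_bob": list_files_fixed(store, bob),
        "fixed_list_as_admin": list_files_fixed(store, admin),
        "vuln_bob_reads_alice": get_file_vuln(store, bob, "f-alice").content,
        "fixed_bob_reads_alice_forbidden": raises(Forbidden, get_file_fixed, store, bob, "f-alice"),
        "fixed_anon_rejected": raises(AuthError, get_file_fixed, store, None, "f-alice"),
        "fixed_bob_deletes_alice_forbidden": raises(Forbidden, delete_file_fixed, store, bob, "f-alice"),
    }
    delete_file_vuln(store, bob, "f-alice")  # succeeds in the vulnerable shape
    out["vuln_bob_deleted_alice"] = "f-alice" not in store.files
    return out


if __name__ == "__main__":
    for k, v in demo_outcomes().items():
        print(f"{k}: {v!r}")
```

The fix is the same on every endpoint, including listing: filter or reject by owner before touching the object, never after. Whether an unauthorized request gets a 403 (as here) or a 404 is a separate design choice; a 404 avoids confirming that a guessed file ID exists.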

CWE(s)

CWE-284 Improper Access Control

AI Security Analysis

AI Category: LLM Application Platforms
Risk Domain: Privacy and Disclosure
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: matched keywords "artificial intelligence", "open webui"

Related Threats

MITRE ATT&CK Enterprise Techniques

T1005 Data from Local System (Collection)
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
T1083 File and Directory Discovery (Discovery)
Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system.
Why these techniques?

Missing permission checks on file API endpoints directly enable unauthorized file/directory listing and data access across all users' uploads.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0
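For the detection side of the mapping above, the observable is one account successfully reading or deleting uploads that belong to other accounts through the file endpoints. The following is an added example, not from the page and not from Open WebUI: it joins constructed access-log lines against a constructed file-owner table and flags non-admin users whose successful requests touched files they do not own. The log format, the `/api/files/...` paths, the owner table and the admin list are placeholders; in a real deployment the owner column comes from the application database and the paths from the actual API.

```python
"""Added example (not from the advisory or Open WebUI): flag accounts that read or
delete other users' uploads via file endpoints, the T1083/T1005 pattern mapped
above. Log lines, endpoint paths, owner table and admin list are constructed."""
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Tuple

# constructed: which account owns which upload (would come from the app database)
OWNERS: Dict[str, str] = {"f-1": "alice", "f-2": "alice", "f-3": "bob", "f-4": "carol"}

# constructed: accounts expected to see every file
ADMINS = {"root"}

# constructed access log, one request per line: "<user> <method> <path> <status>"
SAMPLE_LOG = """\
alice GET /api/files/f-1/content 200
bob GET /api/files/ 200
bob GET /api/files/f-1/content 200
bob GET /api/files/f-2/content 200
bob DELETE /api/files/f-4 200
carol GET /api/files/f-4/content 404
root GET /api/files/f-3/content 200
"""

# Matches per-file requests only; the bare listing endpoint carries no file ID and
# is skipped (after the fix, listing is legitimate and returns only own files).
LINE_RE = re.compile(
    r"^(?P<user>\S+) (?P<method>GET|DELETE) "
    r"/api/files/(?P<file_id>[^/\s]+)(?:/\S*)? (?P<status>\d{3})$"
)

Hit = Tuple[str, str, str]  # (method, file_id, owner)


def find_cross_user_access(
    log_text: str, owners: Dict[str, str], admins: Iterable[str] = ADMINS
) -> Dict[str, List[Hit]]:
    """Return {user: [(method, file_id, owner), ...]} for successful (2xx)
    per-file requests by a non-admin against an upload someone else owns."""
    admin_set = set(admins)
    hits: Dict[str, List[Hit]] = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["user"] in admin_set:
            continue
        if not m["status"].startswith("2"):
            continue  # a denied or not-found request is not a disclosure
        owner = owners.get(m["file_id"])
        if owner is None or owner == m["user"]:
            continue
        hits[m["user"]].append((m["method"], m["file_id"], owner))
    return dict(hits)


def rank(hits: Dict[str, List[Hit]]) -> List[str]:
    """Order flagged users by distinct victim owners, then by number of deletes."""
    def key(u: str):
        victims = {o for _, _, o in hits[u]}
        deletes = sum(1 for m, _, _ in hits[u] if m == "DELETE")
        return (len(victims), deletes)
    return sorted(hits, key=key, reverse=True)


if __name__ == "__main__":
    found = find_cross_user_access(SAMPLE_LOG, OWNERS)
    for user in rank(found):
        for method, file_id, owner in found[user]:
            print(f"{user} {method} {file_id} (owned by {owner})")
```

On an unpatched instance every request in that list succeeded by design, so the join is the only signal; after upgrading to 0.3.16 the same requests should appear with 403/404 statuses and drop out of the result.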

CVEs Like This One

CVE-2026-44556 · Same product: Open WebUI
CVE-2026-45402 · Same product: Open WebUI
CVE-2024-7043 · Same product: Open WebUI
CVE-2026-45401 · Same product: Open WebUI
CVE-2024-7959 · Same product: Open WebUI
CVE-2026-44554 · Same product: Open WebUI
CVE-2026-44555 · Same product: Open WebUI
CVE-2026-29070 · Same product: Open WebUI
CVE-2026-45665 · Same product: Open WebUI
CVE-2026-44721 · Same product: Open WebUI

Affected Assets

openwebui
open webui
< 0.3.16 (fixed in 0.3.16; the advisory text says "prior to 0.3.16", so the patched release itself is not affected)

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry. Each item addresses CWE-284.

- The access control policy and procedures directly mandate and enforce proper access control mechanisms across the organization.
- Device lock enforces restricted access until re-authentication, directly reducing unauthorized use of active sessions.
- Supervision and review of access control activities directly detects and remediates improper access configurations or usages.
- Explicitly identifying and documenting actions permitted without identification or authentication enforces proper access control boundaries by defining justified exceptions.
- By automatically labeling outputs with security attributes, the control supports attribute-based enforcement and reduces exploitability of improper access control weaknesses.
- Associating and retaining security attributes with data directly supports enforcement of access control decisions across storage, processing, and transmission.
- Requiring prior authorization for each remote access type prevents improper access control over remote connections.
- Requiring authorization of wireless access before allowing connections enforces proper access control for this access method.

These are generic CWE-284 mappings; the items on device lock, remote access and wireless access do not address a missing ownership check inside an authenticated web API. The direct control for this CVE is the patched release, 0.3.16.
