CVE-2026-54011
HighCVSS 8.7Exploitation Probability (EPSS)
Low risk17th percentile — higher than 17% of all known CVEs
Summary
Open WebUI prior to version 0.9.6 renders Mermaid blocks from Markdown files in the file preview panel, allowing for the injection of malicious JavaScript code into the DOM. Due to the securityLevel: 'loose' setting, attacker-controlled content can be rendered unsafely.
Risk Assessment
An attacker could exploit this vulnerability to execute malicious JavaScript in victims' browsers, potentially leading to data theft or session hijacking.
Recommendation
It is recommended to update Open WebUI to version 0.9.6 or later to mitigate this vulnerability and reduce the risk of unauthorized code execution.
Original NVD description (English source)
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with securityLevel: 'loose', attacker-controlled Mermaid content can be rendered unsafely in this flow. A working payload was validated through the Markdown preview path, resulting in JavaScript execution in the victim’s browser under the application origin. This vulnerability is fixed in 0.9.6.

