CVE-2026-54016
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk12th percentile — higher than 12% of all known CVEs
Summary
Open WebUI is a self-hosted artificial intelligence platform that prior to version 0.9.6 had a Broken Object Level Authorization (BOLA) vulnerability in the search_knowledge_files tool. This allows an authenticated user to access metadata from private or restricted knowledge base files without proper permissions.
Risk Assessment
This vulnerability poses a risk of unauthorized access to sensitive data, potentially leading to breaches of privacy and information security within the organization.
Recommendation
It is recommended to update Open WebUI to version 0.9.6 or later to mitigate this vulnerability and implement additional access control measures.
Original NVD description (English source)
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI has a Broken Object Level Authorization (BOLA) vulnerability in the builtin search_knowledge_files tool. When native function calling is enabled and the selected model has no attached knowledge bases, an authenticated user can call search_knowledge_files with an arbitrary knowledge_id. The function then returns file metadata from that knowledge base without checking whether the user has read access. This allows unauthorized enumeration of private or restricted knowledge base files. This vulnerability is fixed in 0.9.6.

