PatchSiren cyber security CVE debrief
CVE-2026-44558 open-webui CVE debrief
A missing authorization check in Open WebUI's channel router allows non-admin users to bypass access controls. Prior to version 0.9.0, the create and update paths for group channels fail to invoke `filter_allowed_access_grants`, permitting users with channel creation or ownership privileges to submit arbitrary access grants—including public wildcard grants—without administrative validation. This enables unauthorized broadening of channel visibility beyond intended permissions. The vulnerability is classified as CWE-862 (Missing Authorization) and carries a CVSS 3.1 score of 5.4 (Medium). The issue was published on 2026-05-15 and last modified on 2026-05-19. Open WebUI version 0.9.0 contains the fix.
- Vendor
- open-webui
- Product
- Unknown
- CVSS
- MEDIUM 5.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-15
- Original CVE updated
- 2026-05-19
- Advisory published
- 2026-05-15
- Advisory updated
- 2026-05-19
Who should care
Organizations running self-hosted Open WebUI instances with multi-user deployments, particularly those relying on group-based access controls for sensitive AI conversations.
Technical summary
Prior to 0.9.0, the Open WebUI channel router's create and update endpoints for group channels omit the `filter_allowed_access_grants` call. Because the submitted grants are stored without that server-side check, any user who is allowed to create or own a channel can attach grants the policy would otherwise refuse, including a public wildcard, and so expose the channel to users who were never meant to see it. This is a missing-authorization flaw (CWE-862) rather than a full privilege escalation: the attacker already needs an account that can create or own channels, and gains only wider visibility on those channels (limited confidentiality and integrity impact, no availability impact).
Defensive priority
medium
Recommended defensive actions
- Upgrade Open WebUI to version 0.9.0 or later to obtain the authorization fix.
- Review existing group channel access grants for public wildcard entries, particularly on channels owned by non-admin users, since the upgrade validates new submissions and will not necessarily revoke grants that were already stored before patching.
- Until the upgrade is in place, restrict channel creation and ownership to trusted administrators so that only admin-validated grants can reach the vulnerable paths.
- Monitor application logs for suspicious channel creation or access grant modification activity.
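The following is an added illustration, not Open WebUI's code: the only thing taken from the advisory is the function name `filter_allowed_access_grants`. It shows the pre-fix shape of a create/update path that stores request-supplied grants as submitted, the hardened form that routes them through the filter first, and an audit function of the kind the review step above needs for grants that were stored before patching. The data model (`User`, `Channel`), the grant schema (`type`/`principal` dictionaries with `"*"` as the public wildcard), the policy inside the filter, and the sample records are all assumptions constructed for this example.

```python
# Added example, not Open WebUI's code. The data model, the grant schema and
# the policy inside filter_allowed_access_grants are assumptions made for
# illustration; only the function name comes from the advisory.
from dataclasses import dataclass, field
from typing import Any, Dict, List

PUBLIC_WILDCARD = "*"  # assumed spelling of a "visible to everyone" grant


@dataclass
class User:
    id: str
    role: str                      # "admin" or "user"
    groups: List[str] = field(default_factory=list)


@dataclass
class Channel:
    id: str
    owner_id: str
    access_grants: List[Dict[str, Any]] = field(default_factory=list)


def filter_allowed_access_grants(user: User, grants: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
    """Assumed policy: admins may grant anything; any other user may only
    grant to groups they belong to, and never the public wildcard."""
    if user.role == "admin":
        return list(grants)
    return [
        g for g in grants
        if g.get("type") == "group"
        and g.get("principal") != PUBLIC_WILDCARD
        and g.get("principal") in user.groups
    ]


def create_channel_vulnerable(user: User, channel_id: str, grants: List[Dict[str, Any]]) -> Channel:
    """Pre-fix shape: request-supplied grants are stored exactly as submitted."""
    return Channel(id=channel_id, owner_id=user.id, access_grants=list(grants))


def create_channel_fixed(user: User, channel_id: str, grants: List[Dict[str, Any]]) -> Channel:
    """Post-fix shape: grants pass through the filter before being stored."""
    return Channel(id=channel_id, owner_id=user.id,
                   access_grants=filter_allowed_access_grants(user, grants))


def update_channel_fixed(user: User, channel: Channel, grants: List[Dict[str, Any]]) -> Channel:
    """Same filter on the update path; ownership (or admin) is still required."""
    if user.role != "admin" and channel.owner_id != user.id:
        raise PermissionError("only the owner or an admin may update grants")
    channel.access_grants = filter_allowed_access_grants(user, grants)
    return channel


def find_suspect_public_grants(channels: List[Channel], users_by_id: Dict[str, User]) -> List[str]:
    """Audit for already-stored data: channels owned by a non-admin that carry
    a public wildcard grant, i.e. what the vulnerable path would have let through."""
    suspects = []
    for ch in channels:
        owner = users_by_id.get(ch.owner_id)
        if owner is not None and owner.role == "admin":
            continue
        if any(g.get("principal") == PUBLIC_WILDCARD for g in ch.access_grants):
            suspects.append(ch.id)
    return sorted(suspects)


# Constructed sample data for the demo (not real users or channels).
ALICE = User(id="u-alice", role="user", groups=["eng"])
ROOT = User(id="u-root", role="admin")
SUBMITTED_GRANTS = [
    {"type": "group", "principal": "eng"},           # alice belongs to this group
    {"type": "group", "principal": "finance"},       # she does not
    {"type": "user", "principal": PUBLIC_WILDCARD},  # public wildcard grant
]


def audit_sample_deployment() -> List[str]:
    """Build three channels the way each code path would, then audit them."""
    channels = [
        create_channel_vulnerable(ALICE, "chan-vuln", SUBMITTED_GRANTS),
        create_channel_fixed(ALICE, "chan-fixed", SUBMITTED_GRANTS),
        create_channel_fixed(ROOT, "chan-admin-public", SUBMITTED_GRANTS),
    ]
    return find_suspect_public_grants(channels, {u.id: u for u in (ALICE, ROOT)})


if __name__ == "__main__":
    print("pre-fix stored:", create_channel_vulnerable(ALICE, "c", SUBMITTED_GRANTS).access_grants)
    print("post-fix stored:", create_channel_fixed(ALICE, "c", SUBMITTED_GRANTS).access_grants)
    print("channels to review:", audit_sample_deployment())
```

The filter here silently drops disallowed grants; a variant that rejects the whole request with a 403 is often preferable in practice because the refused attempt then shows up in the application log, which is what the monitoring recommendation above depends on. Against a real deployment the audit function would run over the actual channel store rather than the constructed records used here.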
Evidence notes
The CVE description and NVD metadata confirm the vulnerable component is the channel router in Open WebUI versions prior to 0.9.0. The GitHub Security Advisory (GHSA-7rjh-px4v-5w55) is cited as both exploit source and vendor advisory. The CVSS vector AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N is consistent with the description: a network-reachable endpoint, an authenticated low-privilege account, no user interaction, unchanged scope, and limited confidentiality and integrity impact, which evaluates to the stated 5.4.
Official resources
- CVE-2026-44558 CVE record (CVE.org)
- CVE-2026-44558 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Exploit, Vendor Advisory (2026-05-15)