PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-45318 open-webui CVE debrief

Open WebUI versions prior to 0.9.3 contain a regression of a previously patched cross-site scripting (XSS) vulnerability. The issue stems from the same root cause as CVE-2026-44549: output from XLSX.utils.sheet_to_html() is rendered via Svelte's {@html} directive without DOMPurify sanitization. The vulnerable pattern was reintroduced at some point after v0.8.0, allowing an attacker with authenticated access to upload a malicious Excel file that executes arbitrary JavaScript when previewed. The vulnerability requires user interaction (the victim must preview the crafted file) and has a CVSS 3.1 score of 5.4 (Medium severity). The attack vector is network-based with low attack complexity, requiring low privileges. The scope is rated as changed because content injected through the {@html} directive runs in the application's own security context.

Vendor
open-webui
Product
Unknown
CVSS
MEDIUM 5.4
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-15
Original CVE updated
2026-05-18
Advisory published
2026-05-15
Advisory updated
2026-05-18

Who should care

Organizations running self-hosted Open WebUI instances for offline AI operations, particularly those enabling file upload and preview features for multiple users. Security teams monitoring for XSS in modern JavaScript frameworks, especially Svelte applications using {@html} directives. Developers maintaining Open WebUI forks or custom deployments.

Technical summary

The vulnerability exists in Open WebUI's Excel file preview functionality. The application uses the xlsx library's sheet_to_html() method to convert spreadsheet content to HTML, then renders this output directly using Svelte's {@html} directive without passing through DOMPurify. This allows embedded JavaScript in crafted XLSX files to execute in the victim's browser. The regression occurred after v0.8.0, suggesting a code change reverted or bypassed the original fix for CVE-2026-44549. The attack requires an authenticated user to upload a malicious file and a victim to preview it.

Defensive priority

Medium

Recommended defensive actions

  • Upgrade Open WebUI to version 0.9.3 or later to remediate this vulnerability
  • Review Excel file upload and preview functionality for additional sanitization gaps
  • Monitor for any custom patches or forks that may have reintroduced similar patterns
  • Audit application logs for suspicious Excel file uploads or preview access that occurred before the patch was applied
  • Consider implementing Content Security Policy (CSP) headers as a defense-in-depth measure for the preview component
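The pattern described in the technical summary and the "monitor forks" action above can be checked mechanically. The following Python script is an added example for this debrief, not Open WebUI's or SheetJS's code: it scans Svelte sources for {@html ...} directives whose expression is neither a direct DOMPurify.sanitize(...) call nor an identifier that the same file assigns from one, and reports the rest for manual review. The three Svelte components embedded in it are constructed samples showing the unsanitized sheet_to_html() rendering beside a hardened form; the brace-tracking scanner and the assignment heuristic are this script's own assumptions, and a reviewer should still read each reported site rather than treat a clean run as proof of safety.

```python
"""Audit Svelte sources for {@html ...} directives whose expression is not
wrapped in DOMPurify.sanitize(). Added example for this debrief; the scanning
heuristics and the sample components below are constructed, not Open WebUI code."""
import re
import sys
from dataclasses import dataclass
from pathlib import Path

DIRECTIVE = "{@html"
IDENT = re.compile(r"^[A-Za-z_$][\w$]*$")


@dataclass
class Finding:
    path: str
    line: int
    expr: str


def iter_html_directives(source):
    """Yield (offset, expression) for every {@html ...} block. Nested braces are
    tracked so an object literal passed to DOMPurify.sanitize() does not cut
    the expression short."""
    idx = 0
    while (start := source.find(DIRECTIVE, idx)) != -1:
        depth, i = 0, start
        while i < len(source):
            if source[i] == "{":
                depth += 1
            elif source[i] == "}":
                depth -= 1
                if depth == 0:
                    break
            i += 1
        yield start, source[start + len(DIRECTIVE):i].strip()
        idx = i + 1


def is_sanitized(expr, source):
    """True for a direct DOMPurify.sanitize(...) call, or for a bare identifier
    that this same file assigns from DOMPurify.sanitize(...). Anything else
    (a raw sheet_to_html() result, an identifier assigned elsewhere) is reported."""
    if re.match(r"^DOMPurify\.sanitize\s*\(", expr):
        return True
    if IDENT.match(expr):
        assigned = re.compile(r"\b" + re.escape(expr) + r"\s*=\s*DOMPurify\.sanitize\s*\(")
        return assigned.search(source) is not None
    return False


def audit_component(path, source):
    """Return a Finding (1-based line) for each unsanitized {@html} in one file."""
    return [Finding(path, source.count("\n", 0, offset) + 1, expr)
            for offset, expr in iter_html_directives(source)
            if not is_sanitized(expr, source)]


def audit_tree(root):
    """Audit every .svelte file under root, e.g. a fork's src/ directory."""
    findings = []
    for p in Path(root).rglob("*.svelte"):
        findings.extend(audit_component(str(p), p.read_text(encoding="utf-8")))
    return findings


# Constructed sample: the regression pattern, raw sheet_to_html() output rendered as-is.
VULNERABLE = """<script>
  import * as XLSX from 'xlsx';
  export let workbook;
  // constructed: sheet_to_html() output reaches the template without DOMPurify
  $: sheetHtml = XLSX.utils.sheet_to_html(workbook.Sheets[workbook.SheetNames[0]]);
</script>

<div class="preview">{@html sheetHtml}</div>
"""

# Constructed sample: hardened form, sanitized inline (USE_PROFILES is a real DOMPurify option).
HARDENED = """<script>
  import * as XLSX from 'xlsx';
  import DOMPurify from 'dompurify';
  export let workbook;
  $: sheetHtml = XLSX.utils.sheet_to_html(workbook.Sheets[workbook.SheetNames[0]]);
</script>

<div class="preview">{@html DOMPurify.sanitize(sheetHtml, { USE_PROFILES: { html: true } })}</div>
"""

# Constructed sample: sanitized into a variable first; accepted via the assignment heuristic.
ASSIGNED = """<script>
  import DOMPurify from 'dompurify';
  export let rawHtml;
  $: safeHtml = DOMPurify.sanitize(rawHtml);
</script>
{@html safeHtml}
"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        found = audit_tree(sys.argv[1])
    else:
        found = (audit_component("Vulnerable.svelte", VULNERABLE)
                 + audit_component("Hardened.svelte", HARDENED)
                 + audit_component("Assigned.svelte", ASSIGNED))
    for f in found:
        print(f"{f.path}:{f.line}: unsanitized {{@html {f.expr}}}")
    sys.exit(1 if found else 0)
```

Run it with a checkout path (`python audit_html_directives.py path/to/fork/src`) to get a non-zero exit status whenever an unsanitized directive is present, which makes it usable as a CI gate against the kind of reintroduction this advisory describes. Without an argument it audits the three embedded samples and reports only the first.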

Evidence notes

NVD analyzed status confirms technical details. GitHub Security Advisory GHSA-hcwp-82g6-8wxc provides vendor confirmation, exploit details, and mitigation guidance. CWE-79 (Improper Neutralization of Input During Web Page Generation) is the identified weakness. The CPE configuration indicates all versions prior to 0.9.3 are affected.

Official resources

2026-05-15