PatchSiren cyber security CVE debrief

CVE-2026-54021 open-webui CVE debrief

CVE-2026-54021 is a vulnerability in Open WebUI, a self-hosted artificial intelligence platform. The vulnerability allows authenticated users to access unauthorized Ollama backends by manipulating the url_idx path parameter. This issue was fixed in version 0.9.6. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 6.3, indicating a medium severity level. The vulnerability was published on June 23, 2026, and last modified on June 26, 2026.

Vendor: open-webui
Product: Unknown
CVSS: MEDIUM 6.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-23
Original CVE updated: 2026-06-26
Advisory published: 2026-06-23
Advisory updated: 2026-06-26

Who should care

Open WebUI users and administrators should be aware of this vulnerability. Deployments running versions prior to 0.9.6 should upgrade to the latest version to prevent unauthorized access to Ollama backends. Administrators should also review their system configurations and confirm that access controls on backends are set up as intended.

Technical summary

The vulnerability in Open WebUI arises from the lack of proper validation of the url_idx path parameter in several Ollama proxy routes. This allows authenticated users to access unauthorized Ollama backends, including internal, higher-privilege, or explicitly admin-disabled backends. The vulnerability has a CVSS score of 6.3 and a medium severity level. The issue was fixed in version 0.9.6, and users are advised to upgrade to the latest version.
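The following is an added illustration of the check described above, written for this debrief and not taken from Open WebUI's code base: a weak index lookup beside a hardened one that validates url_idx and then authorizes the selected backend. The Backend and User models, their field names, and the sample configuration are assumptions constructed for the example.

```python
from dataclasses import dataclass

# Constructed sample model of proxied Ollama backends; the field names are
# assumptions for this illustration, not Open WebUI's data model.
@dataclass(frozen=True)
class Backend:
    url: str
    enabled: bool = True       # False: explicitly disabled by an admin
    admin_only: bool = False   # internal / higher-privilege backend

@dataclass(frozen=True)
class User:
    name: str
    role: str                  # "admin" or "user"

class Forbidden(Exception): """url_idx does not resolve to a backend this user may use."""

def resolve_unchecked(backends: list[Backend], url_idx: int) -> Backend:
    """Weak pattern: upper-bound check only. A negative url_idx still passes and
    Python resolves it from the end; disabled/admin-only flags are ignored."""
    if url_idx < len(backends):
        return backends[url_idx]
    raise IndexError("url_idx out of range")

def resolve_backend(backends: list[Backend], user: User, url_idx: int) -> Backend:
    """Hardened pattern: validate the index, then authorize the target."""
    if isinstance(url_idx, bool) or not isinstance(url_idx, int):
        raise Forbidden("url_idx must be an integer")
    if not 0 <= url_idx < len(backends):
        raise Forbidden(f"url_idx {url_idx} out of range")
    backend = backends[url_idx]
    if not backend.enabled:
        raise Forbidden(f"backend {url_idx} is disabled")
    if backend.admin_only and user.role != "admin":
        raise Forbidden(f"backend {url_idx} requires the admin role")
    return backend

def is_allowed(backends: list[Backend], user: User, url_idx: int) -> bool:
    """True when the user may reach backend url_idx under the hardened check."""
    try:
        resolve_backend(backends, user, url_idx)
        return True
    except Forbidden:
        return False

# Constructed sample configuration: one public, one admin-only, one disabled.
SAMPLE_BACKENDS = [Backend("http://ollama-public:11434"),
    Backend("http://ollama-internal:11434", admin_only=True),
    Backend("http://ollama-old:11434", enabled=False)]
```

The weak variant shows why a bounds check alone is not an authorization check: the index must be validated and the resolved backend's enabled and privilege state checked against the caller's role.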

Defensive priority

Defenders should prioritize upgrading to version 0.9.6 or later to fix the vulnerability. Additionally, defenders should review system configurations and ensure that access controls are properly set up to prevent unauthorized access to Ollama backends.

Recommended defensive actions

  • Upgrade to Open WebUI version 0.9.6 or later
  • Review system configurations and ensure proper access controls
  • Monitor system activity for suspicious behavior
  • Implement additional security measures, such as network segmentation and access controls
  • Consider compensating controls, such as web application firewalls

Evidence notes

The vulnerability was reported by an unknown source and fixed in version 0.9.6. The CVSS score for this vulnerability is 6.3, indicating a medium severity level. The vulnerability allows authenticated users to access unauthorized Ollama backends by manipulating the url_idx path parameter.

Official resources

This article was generated with AI assistance based on the supplied source corpus.