CVE-2026-59226 in Open WebUIИнформация

Сводка

по MITRE • 09.07.2026

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0, execute_automation rehydrated automation owners without rechecking that they were still active or still had features.automations, and check_model_access only enforced private-model grants for the exact user role, allowing deactivated pending users to continue scheduled model execution. This issue is fixed in version 0.10.0.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Ответственный

GitHub M

Резервировать

02.07.2026

Раскрытие

09.07.2026

Модерация

принято

Вход

VDB-377231

EPSS

0.00000

KEV

Нет

Деятельности

Очень низкий

Источники

Want to know what is going to be exploited?

We predict KEV entries!