Executive Summary

CVE-2026-29070 is a moderate severity vulnerability in the Open WebUI platform affecting versions up to 0.8.5. The issue arises because when deleting a file from a knowledge base, the system only checks if the user has write access to that knowledge base or is an admin, but it does not verify whether the file actually belongs to that knowledge base.

This means an attacker who knows the ID of a file in another knowledge base can delete that file by sending a deletion request under their own knowledge base ID. The vulnerability allows unauthorized deletion of arbitrary files across knowledge bases due to insufficient access control checks.

The problem was fixed in version 0.8.6 by adding proper validation to ensure the file belongs to the knowledge base before allowing deletion.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by allowing unauthorized deletion of files from any knowledge base within the Open WebUI platform, as long as the attacker knows the file ID.

The impact is primarily on data integrity and availability, as files can be deleted without proper authorization. However, there is no loss of confidentiality since the vulnerability does not expose file contents.

• Loss of files due to unauthorized deletion
• Compromise of data integrity within knowledge bases

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by monitoring API requests to the endpoint responsible for file deletion in knowledge bases, specifically POST requests to /{id}/file/remove.

Detection involves checking if deletion requests are made where the file ID does not belong to the knowledge base ID used in the request, indicating unauthorized deletion attempts.

You can use network monitoring or logging tools to capture such requests and verify if the file ownership validation is missing.

Example commands to detect suspicious deletion attempts might include:

• Using curl to simulate or check deletion requests: curl -X POST https://your-open-webui-instance/{knowledge_base_id}/file/remove -d '{"file_id": "some_file_id"}' -H 'Authorization: Bearer <token>'
• Using grep or similar tools on server logs to find deletion requests: grep '/file/remove' /path/to/open-webui/logs/access.log
• Using network packet capture tools like tcpdump or Wireshark to filter POST requests to /file/remove endpoint.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to upgrade Open WebUI to version 0.8.6 or later, where the vulnerability has been patched by adding proper validation to ensure the file belongs to the knowledge base before deletion.

Until the upgrade can be applied, restrict write access to knowledge bases only to trusted users to reduce the risk of exploitation.

Additionally, monitor and audit deletion requests to detect any unauthorized file deletion attempts.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows unauthorized deletion of files across knowledge bases, compromising data integrity by enabling attackers to delete arbitrary files if they know the file ID. However, there is no impact on confidentiality or availability.

Since the vulnerability affects data integrity but does not expose or leak sensitive data, its direct impact on compliance with standards like GDPR or HIPAA is limited. These regulations emphasize protecting confidentiality, integrity, and availability of personal or sensitive data.

The unauthorized deletion of files could potentially violate data integrity requirements under such regulations, especially if the deleted files contain regulated personal or health information. Organizations using the affected software might face compliance risks if they cannot ensure data integrity and proper access controls.

Therefore, while the vulnerability does not directly cause data breaches or confidentiality loss, it may still affect compliance by undermining data integrity controls required by standards like GDPR and HIPAA.

Useful 0 Not Useful 0