CVE-2026-4993
Received Received - Intake
Hardcoded Credentials in wandb OpenUI backend/config.py (Local Attack

Publication date: 2026-03-28

Last updated on: 2026-03-28

Assigner: VulDB

Description
A vulnerability has been found in wandb OpenUI up to 0.0.0.0/1.0. This impacts an unknown function of the file backend/openui/config.py. The manipulation of the argument LITELLM_MASTER_KEY leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-28
Last Modified
2026-03-28
Generated
2026-06-16
AI Q&A
2026-03-28
EPSS Evaluated
2026-06-14
NVD
CVE-2026-4993
EUVD
EUVD-2026-16913
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wandb openui to 0.0.0.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-259 The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The CVE-2026-4993 vulnerability is an authentication bypass in the LiteLLM proxy used by the wandb OpenUI application. It is caused by a coding error in the file backend/openui/config.py where a Python f-string prefix is missing. Instead of dynamically setting a master key with a random session key, the code assigns a static string "sk-{SESSION_KEY}" literally. This means the proxy always uses the same hardcoded master key.

Because the proxy binds to all network interfaces on port 4000, attackers can send requests with the known static master key in the Authorization header to gain unauthenticated administrative access. This allows them to bypass authentication, access internal endpoints, and misuse API credits.

Impact Analysis

This vulnerability can have several impacts:

  • Authentication Bypass: Attackers gain full administrative access without valid credentials.
  • Financial Abuse: Attackers can consume unlimited LLM API credits tied to your account, potentially incurring significant costs.
  • Information Exposure: Attackers can query internal endpoints to gather sensitive details about your LLM configurations behind the firewall.
Detection Guidance

This vulnerability can be detected by testing for the presence of the hardcoded master key authentication bypass on the LiteLLM proxy running on port 4000. Specifically, sending an HTTP request with the header "Authorization: Bearer sk-{SESSION_KEY}" to the proxy's endpoints can confirm the issue.

A proof of concept command to detect the vulnerability is to use curl to send a request to the /v1/models endpoint with the static bearer token. If the response is 200 OK instead of 401 Unauthorized, the system is vulnerable.

  • curl -H "Authorization: Bearer sk-{SESSION_KEY}" http://<target-ip>:4000/v1/models
Mitigation Strategies

Immediate mitigation steps include restricting network access to the LiteLLM proxy on port 4000 to trusted hosts only, since the proxy binds to all interfaces (0.0.0.0).

Additionally, updating the affected wandb OpenUI package to a version where the hardcoded credential issue is fixed (i.e., the missing f-string prefix corrected in backend/openui/config.py) is critical.

If an update is not immediately available, manually patching the code to correctly use the f-string prefix on line 44 of config.py to dynamically set the master key instead of a static string will mitigate the issue.

Monitoring and blocking unauthorized requests with the static bearer token can also help reduce exploitation risk.

Compliance Impact

The vulnerability allows unauthenticated administrative access due to hard-coded credentials, which can lead to unauthorized access to internal endpoints and potential exposure of sensitive information.

Such unauthorized access and information exposure could negatively impact compliance with standards and regulations like GDPR and HIPAA, which require strict controls on access to sensitive data and protection against unauthorized disclosure.

Additionally, the financial abuse aspect, where attackers can consume API credits tied to the victim’s accounts, may also violate organizational policies related to resource usage and security.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4993. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart