CVE-2026-54011
Undergoing Analysis - In Progress
XSS in Open WebUI via Mermaid Markdown Rendering

Publication date: 2026-06-23

Last updated on: 2026-06-23

Assigner: GitHub, Inc.

Description
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with securityLevel: 'loose', attacker-controlled Mermaid content can be rendered unsafely in this flow. A working payload was validated through the Markdown preview path, resulting in JavaScript execution in the victim's browser under the application origin. This vulnerability is fixed in 0.9.6.
Meta Information
Published
2026-06-23
Last Modified
2026-06-23
Generated
2026-06-24
AI Q&A
2026-06-23
EPSS Evaluated
N/A
Affected Vendors & Products
Showing 2 associated CPEs
Vendor       Product      Version / Range
open_webui   open_webui   versions before 0.9.6 (0.9.6 excluded)
open_webui   open_webui   0.9.6
CWE
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Quick Actions
Executive Summary

This vulnerability is a stored cross-site scripting (XSS) issue in Open WebUI versions 0.9.5 and earlier. It occurs because the application renders Mermaid diagrams from Markdown files in the file preview panel and inserts the resulting SVG with innerHTML, which allows malicious JavaScript to execute. The problem arises because Mermaid is configured with a security level of 'loose', so attacker-controlled Mermaid content is rendered unsafely. An attacker can upload a malicious Markdown file containing a Mermaid diagram with embedded JavaScript, which executes when the file is previewed and interacted with.

Impact Analysis

This vulnerability can lead to arbitrary JavaScript execution in the victim's browser under the application origin. This means an attacker can run malicious scripts that potentially steal sensitive information, hijack user sessions, or perform actions on behalf of the user. Since the attack exploits normal product functionality without requiring elevated privileges, it poses a significant security risk. The CVSS score of 8.7 indicates high severity with low attack complexity, though the attack requires user interaction.

Detection Guidance

This vulnerability can be detected by checking whether your Open WebUI instance is running a vulnerable version (0.9.5 or earlier) and by testing whether Mermaid Markdown content rendered in the file preview panel leads to JavaScript execution.

A practical detection method involves uploading a specially crafted Markdown (.md) file containing a Mermaid diagram with a JavaScript payload and then previewing the file to see if the payload executes (for example, triggering an alert).

No specific network commands are provided, but you can confirm which version of Open WebUI is running on your system by checking the application version, for example:

  • Check the application version via the UI or command line to confirm if it is 0.9.5 or earlier.
  • Upload a test Markdown file with a Mermaid diagram containing a known JavaScript payload to the file preview panel and observe if the payload executes.
Mitigation Strategies

The immediate mitigation step is to upgrade Open WebUI to version 0.9.6 or later, where this vulnerability is fixed.

Alternatively, if upgrading is not immediately possible, change Mermaid's securityLevel setting from 'loose' to 'strict' to prevent unsafe rendering of attacker-controlled content.

Avoid previewing untrusted Markdown files containing Mermaid diagrams until the fix or configuration change is applied.
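The two mitigation checks above (is the installed version older than the 0.9.6 fix, and does the Mermaid configuration still use a permissive securityLevel) can be automated. The following Node-runnable JavaScript is an added example written for this page; it is not Open WebUI or Mermaid project code. The function names, the startOnLoad field in the sample configurations, and the sample version strings are assumptions; the securityLevel values ('strict', 'loose', 'antiscript', 'sandbox') are Mermaid's documented options, with 'strict' as Mermaid's default. Versions are compared numerically because a plain string comparison would rank "0.10.0" below "0.9.6".

```javascript
// Added example for CVE-2026-54011 (not Open WebUI or Mermaid code).
// Fixed release as stated in the advisory.
const FIXED_VERSION = "0.9.6";

// Parse "major.minor.patch" (optional leading "v") into three integers.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unrecognised version string: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Component-wise numeric comparison: -1, 0 or 1.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// True when the installed Open WebUI version predates the fix.
function isAffectedVersion(installed) {
  return compareVersions(installed, FIXED_VERSION) < 0;
}

// Levels that are acceptable for rendering content the user did not author.
// 'strict' encodes HTML in labels and disables click callbacks; 'sandbox'
// renders inside a sandboxed iframe.
const SAFE_SECURITY_LEVELS = new Set(["strict", "sandbox"]);

// Audit a configuration object destined for mermaid.initialize(). Returns a
// list of findings (empty when the configuration is acceptable). An absent
// securityLevel falls back to Mermaid's default of 'strict'.
function auditMermaidConfig(config) {
  const findings = [];
  const level = config.securityLevel === undefined ? "strict" : config.securityLevel;
  if (!SAFE_SECURITY_LEVELS.has(level)) {
    findings.push(
      `securityLevel is '${level}'; use 'strict' (or 'sandbox') when rendering untrusted Markdown`
    );
  }
  return findings;
}

// Decide whether the file preview should render Mermaid at all: refuse when
// the version is affected and the configuration is still permissive.
function previewDecision(installedVersion, config) {
  const reasons = [];
  if (isAffectedVersion(installedVersion)) {
    reasons.push(`Open WebUI ${installedVersion} is older than the fixed release ${FIXED_VERSION}`);
  }
  reasons.push(...auditMermaidConfig(config));
  return { render: reasons.length === 0, reasons };
}

// Constructed sample configurations: the weak setting named in the advisory
// beside its corrected form.
const WEAK_MERMAID_CONFIG = { startOnLoad: false, securityLevel: "loose" };
const HARDENED_MERMAID_CONFIG = { startOnLoad: false, securityLevel: "strict" };

// Stand-alone demonstration on constructed version strings.
for (const version of ["0.9.5", "0.9.6", "0.10.0"]) {
  console.log(version, "weak:", JSON.stringify(previewDecision(version, WEAK_MERMAID_CONFIG)));
  console.log(version, "hardened:", JSON.stringify(previewDecision(version, HARDENED_MERMAID_CONFIG)));
}
```

Run with `node` to see that 0.9.5 is refused under both configurations (the version alone is a finding), while 0.9.6 and later are refused only while securityLevel remains 'loose'. The audit treats 'antiscript' as unsafe as well, since it still allows HTML in labels; only 'strict' or 'sandbox' clears it.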

Compliance Impact

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.
