CVE-2026-59213
Received
Received - Intake
Open WebUI Cache Key Permission Bypass in Model List
Vulnerability report for CVE-2026-59213, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-09
Last updated on: 2026-07-09
Assigner: GitHub, Inc.
Description
Description
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.27 before 0.10.0, get_all_models handlers in routers/openai.py and routers/ollama.py passed a lambda to aiocache key instead of key_builder, causing permission-filtered per-user model lists to share a static cache entry and exposing one userβs model list to another caller during the TTL window. This issue is fixed in version 0.10.0.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| open_webui | open_webui | to 0.10.0 (exc) |
| open_webui | open_webui | 0.10.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-524 | The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere. |