CVE-2026-59219
Received Received - Intake

JWT Authentication Bypass in Open WebUI

Vulnerability report for CVE-2026-59219, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-09

Assigner: GitHub, Inc.

Description

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0 with Redis configured, Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket first-message authentication used decode_token without the Redis-backed is_valid_token revocation check, allowing revoked JWTs to continue authenticating realtime connections. This issue is fixed in version 0.10.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-09
Generated
2026-07-09
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
open_webui open_webui From 0.9.0 (inc) to 0.9.9 (inc)
open_webui open_webui From 0.9.0 (inc) to 0.10.0 (exc)
open_webui open_webui 0.10.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-613 According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

This vulnerability allows revoked JWTs to continue authenticating realtime connections, potentially enabling unauthorized access to sensitive realtime data and user interactions.

Such unauthorized access to sensitive data could lead to violations of data protection regulations like GDPR and HIPAA, which require strict control over access to personal and sensitive information.

By allowing revoked tokens to bypass revocation checks in realtime endpoints, the system risks non-compliance with standards that mandate effective session termination and access revocation mechanisms.

Executive Summary

CVE-2026-59219 is a vulnerability in Open WebUI versions 0.9.0 to 0.9.9 when Redis is configured. The realtime endpoints, such as Socket.IO and terminal WebSocket connections, authenticate users using JWT tokens but fail to check if these tokens have been revoked. While HTTP authentication correctly rejects revoked tokens, the realtime authentication only verifies token signatures and expiry, allowing revoked tokens to still establish realtime connections.

This means that users who have signed out or had their tokens revoked can still access realtime features, potentially impersonating the victim user or accessing sensitive realtime data.

Impact Analysis

This vulnerability can allow an attacker with a revoked JWT token to continue authenticating realtime connections in Open WebUI. As a result, the attacker could access sensitive realtime data, collaborate as the victim user, or interact with terminal sessions without proper authorization.

The impact includes unauthorized access to confidential information and potential misuse of user privileges in realtime communication channels.

Detection Guidance

This vulnerability involves realtime endpoints accepting revoked JWT tokens without proper revocation checks. Detection involves monitoring realtime Socket.IO and terminal WebSocket connections for authentication attempts using revoked tokens.

You can detect exploitation attempts by inspecting realtime connection logs for JWT tokens that should have been revoked but are still accepted. Since the issue is related to token revocation checks missing in realtime authentication, commands or scripts that query Redis for revoked tokens and cross-reference active realtime connections could help.

  • Use Redis CLI commands to check revoked tokens, for example: `redis-cli KEYS revoked_tokens*` or querying token JTIs stored in Redis.
  • Monitor WebSocket connection logs or Socket.IO events to identify connections authenticated with tokens that should be revoked.
  • Implement or use scripts that decode JWT tokens from realtime connections and verify their revocation status against Redis.
Mitigation Strategies

The primary mitigation is to upgrade Open WebUI to version 0.10.0 or later, where the vulnerability is fixed by adding proper token revocation checks to realtime endpoints.

Until you can upgrade, consider disabling realtime features that rely on Socket.IO and terminal WebSocket connections if feasible, to prevent use of revoked tokens in realtime authentication.

Ensure that Redis is properly configured and accessible for token revocation checks, as the fix depends on validating tokens against Redis.

Review and monitor authentication logs for suspicious realtime connections using revoked tokens and revoke any suspicious sessions manually if possible.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-59219. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart