CVE-2026-59715
Received Received - Intake

Socket.IO Authentication Bypass in Open WebUI

Vulnerability report for CVE-2026-59715, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-09

Assigner: GitHub, Inc.

Description

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.16 before 0.10.0, the Socket.IO server is configured with always_connect=True. The ydoc:awareness:update and ydoc:document:leave Socket.IO handlers accepted collaborative-document events without requiring an authenticated user, allowing unauthorized manipulation of document collaboration state. This issue is fixed in version 0.10.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-09
Generated
2026-07-09
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
open_webui open_webui From 0.6.16 (inc) to 0.10.0 (exc)
open_webui open_webui 0.10.0
open_webui open_webui From 0.6.16 (exc) to 0.10.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The vulnerability allows unauthenticated users to manipulate collaborative document awareness data and impersonate users within the Open WebUI platform. While the document content itself is not directly compromised, the ability to spoof user presence and cursor positions could lead to integrity issues in collaborative sessions.

This unauthorized manipulation and impersonation could potentially impact compliance with standards and regulations that require strong access controls and user authentication, such as GDPR and HIPAA, because it undermines the assurance that only authorized users can interact with sensitive collaborative data.

However, since the vulnerability does not expose or alter the actual document content or sensitive data directly, the impact on compliance may be limited to the integrity and authentication aspects rather than confidentiality or data breach concerns.

Executive Summary

CVE-2026-59715 is a vulnerability in the Open WebUI platform affecting two Socket.IO event handlers: ydoc:awareness:update and ydoc:document:leave. These handlers did not require authentication, allowing unauthenticated users to connect via WebSocket and manipulate collaborative document session states. Specifically, attackers could send spoofed events to fake cursor positions, user presence, or user leave events in live document collaboration sessions. This was possible because the server was configured with always_connect=True, permitting unauthenticated socket connections. The vulnerability does not affect the document content itself, as write permissions were enforced elsewhere.

Impact Analysis

This vulnerability can impact users by allowing attackers to disrupt the collaborative editing experience. Attackers can impersonate other users by spoofing user IDs, create fake cursor movements or presence indicators, and send false user leave events. This can lead to confusion, misinformation, and a degraded user interface experience during collaboration. Additionally, the vulnerability could be exploited to exhaust server resources by allowing unlimited unauthenticated connections. However, the actual document content remains protected from unauthorized modification.

Detection Guidance

This vulnerability can be detected by monitoring for unauthenticated WebSocket connections to the Open WebUI Socket.IO server, especially those emitting events to the `ydoc:awareness:update` and `ydoc:document:leave` handlers without proper authentication.

You can look for suspicious WebSocket traffic that attempts to send collaborative document events without valid session authentication.

  • Use network monitoring tools like Wireshark or tcpdump to capture WebSocket traffic on the relevant ports.
  • Filter for WebSocket frames containing the event names `ydoc:awareness:update` or `ydoc:document:leave`.
  • Check server logs for unauthenticated socket connections or events emitted without valid session tokens.
  • Example command to capture WebSocket traffic on port 3000 (replace with actual port): `sudo tcpdump -i any -A port 3000 | grep -E 'ydoc:awareness:update|ydoc:document:leave'`
  • Use WebSocket debugging tools or browser developer tools to inspect WebSocket frames if you have access to the client side.
Mitigation Strategies

The primary mitigation is to upgrade Open WebUI to version 0.10.0 or later, where the vulnerability is fixed by enforcing authentication on the affected Socket.IO handlers.

Until you can upgrade, consider restricting access to the Socket.IO server to trusted users or networks to prevent unauthenticated connections.

Disable or restrict the `always_connect=True` setting if possible, to prevent unauthenticated socket connections.

Monitor and limit the number of unauthenticated WebSocket connections to reduce risk of resource exhaustion.

Review and apply any available patches or configuration changes recommended by the Open WebUI project related to this issue.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-59715. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart