Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-u25g-p4nx-gqd1
Vulnerability ID VCID-u25g-p4nx-gqd1
Aliases CVE-2026-28788
GHSA-jjp7-g2jw-wh3j
Summary Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can overwrite any file's content by ID through the `POST /api/v1/retrieval/process/files/batch` endpoint. The endpoint performs no ownership check, so a regular user with read access to a shared knowledge base can obtain file UUIDs via `GET /api/v1/knowledge/{id}/files` and then overwrite those files, escalating from read to write. The overwritten content is served to the LLM via RAG, meaning the attacker controls what the model tells other users. Version 0.8.6 patches the issue.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-639 Authorization Bypass Through User-Controlled Key
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2026-28788
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2026-28788
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-jjp7-g2jw-wh3j
cvssv3.1 7.1 https://github.com/open-webui/open-webui
generic_textual HIGH https://github.com/open-webui/open-webui
cvssv3.1 7.1 https://github.com/open-webui/open-webui/releases/tag/v0.8.6
generic_textual HIGH https://github.com/open-webui/open-webui/releases/tag/v0.8.6
cvssv3.1 7.1 https://github.com/open-webui/open-webui/security/advisories/GHSA-jjp7-g2jw-wh3j
cvssv3.1_qr HIGH https://github.com/open-webui/open-webui/security/advisories/GHSA-jjp7-g2jw-wh3j
generic_textual HIGH https://github.com/open-webui/open-webui/security/advisories/GHSA-jjp7-g2jw-wh3j
ssvc Track https://github.com/open-webui/open-webui/security/advisories/GHSA-jjp7-g2jw-wh3j
cvssv3.1 7.1 https://nvd.nist.gov/vuln/detail/CVE-2026-28788
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2026-28788
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2026-28788
https://github.com/open-webui/open-webui
https://github.com/open-webui/open-webui/releases/tag/v0.8.6
https://nvd.nist.gov/vuln/detail/CVE-2026-28788
GHSA-jjp7-g2jw-wh3j https://github.com/advisories/GHSA-jjp7-g2jw-wh3j
GHSA-jjp7-g2jw-wh3j https://github.com/open-webui/open-webui/security/advisories/GHSA-jjp7-g2jw-wh3j
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L Found at https://github.com/open-webui/open-webui
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L Found at https://github.com/open-webui/open-webui/releases/tag/v0.8.6
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L Found at https://github.com/open-webui/open-webui/security/advisories/GHSA-jjp7-g2jw-wh3j
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T20:08:10Z/ Found at https://github.com/open-webui/open-webui/security/advisories/GHSA-jjp7-g2jw-wh3j
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2026-28788
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.0527
EPSS Score 0.00019
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T16:43:52.697418+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2026/28xxx/CVE-2026-28788.json 38.6.0