CVE-2025-29446

Low CVSS: 3.3

open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verify_connection.

Vendor

Product

CWE

Yayın Tarihi

2025-04-21 17:15:23

Güncelleme

2025-05-28 15:49:36

Source Identifier

cve@mitre.org

KEV Date Added

CWE-918 Open Webui LOW Openwebui 2025

https://github.com/jcxj/jcxj/blob/master/source/_posts/open-webui-ssrf%E6%BC%8F%E6%B4%9E.md https://github.com/l1uyi/cve-list/blob/main/cve-list/open-webui-ssrf.md

Medium

CVE-2026-28786

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.…

High

CVE-2026-28788

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.…

Medium

CVE-2026-29070

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.…

Low

CVE-2026-29071

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.…

High

CVE-2026-26192

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.7.…

High

CVE-2026-26193

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.…