Vulnerability Description
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the channel webhook create/update flow accepts arbitrary profile_image_url values, including data:image/svg+xml;base64,... payloads. The profile image endpoint then decodes and serves this SVG as image/svg+xml without sanitization, allowing attacker-controlled script handlers (for example onload) to execute when the profile-image URL is opened in the browser. This vulnerability is fixed in 0.9.3.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openwebui | Open Webui | < 0.9.3 |
Related Weaknesses (CWE)
References
- https://github.com/open-webui/open-webui/security/advisories/GHSA-3856-3vxq-m6fcExploitVendor Advisory
- https://github.com/open-webui/open-webui/security/advisories/GHSA-3856-3vxq-m6fcExploitVendor Advisory
FAQ
What is CVE-2026-45314?
CVE-2026-45314 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the channel webhook create/update flow accepts arbitrary profile_image_url values, in...
How severe is CVE-2026-45314?
CVE-2026-45314 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-45314?
Check the references section above for vendor advisories and patch information. Affected products include: Openwebui Open Webui.