CNNVD-202512-3439 Information
Dec 18, 2025
cve
CNNVD ID
CNNVD-202512-3439
Related CVE
- CNNVD Published: 2025-12-18
Description (Chinese)
Open WebUI是Open WebUI开源的一个可扩展、功能丰富、用户友好的自托管 WebUI。 Open WebUI 0.6.32及之前版本存在安全漏洞,该漏洞源于认证绕过,可能导致未授权访问系统配置数据。
Description (English)
Open WebUI is an extended, functional, user-friendly, open source of Open WebUI WebUI. Open WebUI 0.6.32 and previous versions had a security loophole, which stemmed from the certification circumvention and could lead to unauthorized access to system configuration data.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Open WebUI
Published
2025-12-18
Last Modified
2026-02-24
References
https://gist.github.com/Cristliu/13c41b97285b776275bc8bfd3504e51b https://github.com/open-webui/open-webui/issues https://access.redhat.com/security/cve/cve-2025-63391
Patch
https://github.com/open-webui/open-webui/releases
Share on: