CNNVD-202512-472 Information

CNNVD ID

CNNVD-202512-472

Related CVE

CVE-2025-65958

• CNNVD Published: 2025-12-04

Description (Chinese)

Open WebUI是Open WebUI开源的一个可扩展、功能丰富、用户友好的自托管 WebUI。 Open WebUI 0.6.37之前版本存在代码问题漏洞，该漏洞源于服务器端请求伪造，可能导致访问内部网络和服务。

Description (English)

Open WebUI is an extended, functional, user-friendly, open source of Open WebUI WebUI. The pre-Open WebUI 0.6.37 version has a code problem loophole, which stems from server-end requests for forgery and may lead to access to internal networks and services.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Open WebUI

Published

2025-12-04

Last Modified

2026-02-24

References

https://github.com/open-webui/open-webui/commit/02238d3113e966c353fce18f1b65117380896774 https://github.com/open-webui/open-webui/security/advisories/GHSA-c6xv-rcvw-v685

Patch

https://github.com/open-webui/open-webui/releases