CVE-2026-0765

Name of the Vulnerable Software and Affected Versions Open WebUI (affected versions not specified)

Description A flaw exists in Open WebUI that allows remote attackers to execute arbitrary code. Authentication is required to exploit this issue. The vulnerability is located within the install frontmatter requirements function and stems from insufficient validation of user-supplied input before it is used in a system call. Successful exploitation could allow an attacker to execute code with the privileges of the service account.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.