PT-2026-28385 · Unknown · Open-Webui

Scaumacktiv · Published 2026-03-26 · Updated 2026-03-27 · CVE-2026-29070

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.8.6

Description: Open WebUI is an artificial intelligence platform designed for offline operation. A missing access control check when deleting files from a knowledge base allows a user with write access to a knowledge base (or an administrator) to delete arbitrary files from any knowledge base, provided they know the file ID. The issue stems from a lack of validation that the file being deleted actually belongs to the knowledge base the user has access to. The vulnerable code is located in the /api/v1/knowledge/{id}/file/remove API endpoint, specifically within the remove_file_from_knowledge_by_id function. The file ID parameter, form_data.file_id, is not validated against the current knowledge base. A proof of concept demonstrates an attacker deleting a file from a victim's knowledge base by submitting a request to their own collection with the victim's file ID.

Recommendations: Update Open WebUI to version 0.8.6 or later.
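The following is an added illustration, not Open WebUI's own code: a minimal in-memory model of a "remove file from knowledge base" handler that reproduces the missing-authorization pattern described above beside a corrected version. The names (KnowledgeBase, Store, remove_file_vulnerable, remove_file_fixed, build_sample_store), the sample users and IDs, and the way write access is modelled are all assumptions made for the example; the real handler is remove_file_from_knowledge_by_id and its real fix may differ in detail.

```python
from dataclasses import dataclass, field


class Forbidden(Exception):
    """Caller has no write access to the knowledge base."""


class NotFound(Exception):
    """Knowledge base or file does not exist in the expected scope."""


@dataclass
class KnowledgeBase:
    id: str
    owner: str
    writers: set = field(default_factory=set)   # users with write access
    file_ids: set = field(default_factory=set)  # files that belong to this KB


@dataclass
class Store:
    files: dict      # file_id -> owner (global file table; constructed sample)
    knowledge: dict  # kb_id -> KnowledgeBase


def _authorize_kb(store: Store, kb_id: str, user: str) -> KnowledgeBase:
    """Check that the caller may write to the addressed knowledge base.

    This check is present in both handlers below; the bug is not here but in
    what is checked about the file afterwards."""
    kb = store.knowledge.get(kb_id)
    if kb is None:
        raise NotFound(f"knowledge base {kb_id} not found")
    if user != "admin" and user != kb.owner and user not in kb.writers:
        raise Forbidden(f"{user} may not modify {kb_id}")
    return kb


def remove_file_vulnerable(store: Store, kb_id: str, file_id: str, user: str) -> bool:
    """Hypothetical vulnerable handler: file_id is trusted as long as the
    caller has write access to *some* knowledge base (the one in the URL)."""
    _authorize_kb(store, kb_id, user)
    if file_id not in store.files:
        raise NotFound(f"file {file_id} not found")
    # BUG: no check that file_id actually belongs to kb_id, so the deletion
    # reaches into every knowledge base that references the file.
    del store.files[file_id]
    for kb in store.knowledge.values():
        kb.file_ids.discard(file_id)
    return True


def remove_file_fixed(store: Store, kb_id: str, file_id: str, user: str) -> bool:
    """Corrected handler: the file must be a member of the knowledge base the
    caller is authorized for; otherwise the request is rejected."""
    kb = _authorize_kb(store, kb_id, user)
    if file_id not in kb.file_ids:
        # Reported as "not found" so the response does not reveal whether the
        # file exists elsewhere in the system.
        raise NotFound(f"file {file_id} is not part of {kb_id}")
    kb.file_ids.discard(file_id)
    del store.files[file_id]
    return True


def build_sample_store() -> Store:
    """Constructed sample data: alice and mallory each own one knowledge base."""
    victim_kb = KnowledgeBase(id="kb-alice", owner="alice", file_ids={"f-victim"})
    attacker_kb = KnowledgeBase(id="kb-mallory", owner="mallory", file_ids={"f-own"})
    return Store(
        files={"f-victim": "alice", "f-own": "mallory"},
        knowledge={"kb-alice": victim_kb, "kb-mallory": attacker_kb},
    )


if __name__ == "__main__":
    s = build_sample_store()
    # Vulnerable: a request to mallory's own KB with alice's file ID succeeds.
    print("vulnerable:", remove_file_vulnerable(s, "kb-mallory", "f-victim", "mallory"))
    s = build_sample_store()
    try:
        remove_file_fixed(s, "kb-mallory", "f-victim", "mallory")
    except NotFound as exc:
        print("fixed:", exc)
```

The defensive point is the second check: authorization on the container (the knowledge base in the URL) is not sufficient when the request body names another object; the handler also has to verify that the named object is inside that container before acting on it.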

Exploit · Fix

Weakness Enumeration: Missing Authorization

Related Identifiers: CVE-2026-29070, GHSA-26GM-93RW-CCHF

Affected Products: Open-Webui