PT-2026-39270 · Unknown · Open-Webui
Published: 2026-05-08 · Updated: 2026-05-16 · CVE-2026-44553
CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.0
Description: Administrative role changes and user deletions do not trigger the disconnection of affected sessions in the SESSION POOL. When a user connects via Socket.IO, their role is snapshotted into the SESSION POOL dictionary. The heartbeat handler refreshes the session timestamp but does not update the role. Consequently, a user whose admin role is revoked, or who is deleted from the system, retains administrative privileges within their existing Socket.IO session for as long as the connection remains active. This allows unauthorized read and write access to any user's notes through the Yjs collaborative document handlers, specifically the ydoc:document:join and document save handler functions, which rely on the cached role rather than the database. This issue is exclusive to the Socket.IO session cache and does not affect HTTP endpoints.
Recommendations: Update to version 0.9.0.
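As an added illustration (not Open WebUI's code), the stale role snapshot the description names beside a heartbeat that re-validates the session against the user store and evicts deleted users; USERS, SESSION_POOL and the handler names are constructed stand-ins, not the project's own identifiers.

```python
"""Added illustration (not Open WebUI's code): a role snapshot in a
socket session cache going stale, and a heartbeat that re-validates it.
USERS and SESSION_POOL are constructed stand-ins for the database and
the Socket.IO session dictionary the advisory describes."""
import time

# Constructed user table: stands in for the database that HTTP endpoints consult.
USERS = {"u1": {"role": "admin"}, "u2": {"role": "user"}}

# Constructed session cache keyed by socket id (assumed name; mirrors the
# advisory's session pool).
SESSION_POOL = {}


def connect(sid, user_id):
    """On connect the role is snapshotted into the pool, as the advisory describes."""
    SESSION_POOL[sid] = {"id": user_id, "role": USERS[user_id]["role"],
                         "last_ping": time.time()}


def heartbeat_vulnerable(sid):
    """Refreshes the timestamp only; the cached role is never re-read."""
    SESSION_POOL[sid]["last_ping"] = time.time()


def heartbeat_fixed(sid):
    """Re-checks the user against the store: evicts deleted users, refreshes the role."""
    user = USERS.get(SESSION_POOL[sid]["id"])
    if user is None:
        del SESSION_POOL[sid]  # deleted user: drop the session entirely
        return False
    SESSION_POOL[sid]["role"] = user["role"]
    SESSION_POOL[sid]["last_ping"] = time.time()
    return True


def can_join_any_document(sid, authoritative=False):
    """Admin check for a hypothetical 'join any user's note' handler.
    authoritative=True consults the store instead of the cached role."""
    session = SESSION_POOL.get(sid)
    if session is None:
        return False
    if authoritative:
        user = USERS.get(session["id"])
        return user is not None and user["role"] == "admin"
    return session["role"] == "admin"
```

Either fix closes the gap on its own: re-reading the role on every privileged handler, or refreshing and evicting on heartbeat so a revoked or deleted account loses its session within one heartbeat interval.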

Weakness Enumeration

Session Fixation
Incorrect Authorization
Insufficient Session Expiration

Related Identifiers

CVE-2026-44553
GHSA-45M8-CPM2-3V65

Affected Products

Open-Webui