PT-2026-39282 · Unknown · Open-Webui

Published 2026-05-08 · Updated 2026-05-19 · CVE-2026-44566
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.1.124
Description: The self-hosted artificial intelligence platform fails to validate or sanitize the filename during file uploads. When a file is attached to a prompt via the '/rag/api/v1/doc' API endpoint, the application derives the on-disk filename directly from the filename supplied in the HTTP upload request. A user can therefore include dot-segments in the filename to perform path traversal and write the uploaded file to an arbitrary location on the filesystem where the web server user has write permission. This can be exploited to upload malicious models or to overwrite critical system files, such as SSH authorized keys.
Recommendations: Update to version 0.1.124.
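The defect described above is a missing validation step between the client-supplied filename and the path the server writes to. The following is an added example of how an upload handler can close that gap; it is not Open WebUI's code and says nothing about how the project's fix is implemented. The upload directory, the function names, the character allowlist and the server-generated storage name are all assumptions chosen for illustration. It rejects separators and dot-segments outright (so tampered requests fail loudly and are logged, which is useful for detection), stores the file under a server-chosen name, and, as defence in depth, resolves the final path and refuses anything that lands outside the upload root.

```python
# Added example: defensive handling of a client-supplied upload filename.
# This is not Open WebUI's code; the upload directory, function names and
# allowlist are assumptions chosen for illustration.
import logging
import re
import uuid
from pathlib import Path
from typing import Optional

log = logging.getLogger("upload")

UPLOAD_DIR = Path("/var/lib/app/uploads")   # hypothetical upload root
_DISALLOWED = re.compile(r"[^A-Za-z0-9._-]")  # everything outside the allowlist


class UnsafeFilename(ValueError):
    """The client-supplied filename cannot be used as a path component."""


def sanitize_filename(client_name: str) -> str:
    """Validate that client_name is a single, plain path component.

    Separators and dot-segments are rejected rather than stripped, so a
    tampered request fails loudly (and is logged) instead of being silently
    mapped to some other name.
    """
    if not client_name or "\x00" in client_name:
        raise UnsafeFilename("empty filename or embedded NUL byte")
    if "/" in client_name or "\\" in client_name:
        log.warning("rejected upload filename with path separator: %r", client_name)
        raise UnsafeFilename("filename contains a path separator")
    if client_name.startswith("."):  # covers '.', '..' and hidden files
        log.warning("rejected dot-segment or hidden filename: %r", client_name)
        raise UnsafeFilename("filename is a dot-segment or hidden file")
    # Anything outside the allowlist becomes '_'; length is capped for the FS.
    return _DISALLOWED.sub("_", client_name)[:255]


def is_acceptable_filename(client_name: str) -> bool:
    """Boolean form of sanitize_filename for callers that only need a verdict."""
    try:
        sanitize_filename(client_name)
    except UnsafeFilename:
        return False
    return True


def path_is_within(candidate: Path, root: Path) -> bool:
    """True if candidate, after resolving '..' and symlinks, lies under root."""
    root = root.resolve()
    target = candidate.resolve()
    return root in target.parents


def resolve_upload_path(client_name: str, upload_dir: Path = UPLOAD_DIR,
                        token: Optional[str] = None) -> Path:
    """Return the on-disk path for an upload, proven to stay under upload_dir.

    The stored name is server-generated (a UUID) plus the sanitized original
    extension, so the client never chooses the stored path; keep the
    sanitized original name in metadata for display only. `token` exists
    so callers and tests can pin the generated name.
    """
    safe_name = sanitize_filename(client_name)
    ext = Path(safe_name).suffix  # contains allowlisted characters only
    stored = upload_dir / f"{token or uuid.uuid4().hex}{ext}"
    # Defence in depth: even if sanitize_filename regresses, the containment
    # check refuses any path that escapes the upload root.
    if not path_is_within(stored, upload_dir):
        raise UnsafeFilename("resolved path escapes the upload directory")
    return stored.resolve()
```

A handler built on this would call `resolve_upload_path(upload.filename)` before writing any bytes, and would treat an `UnsafeFilename` as a 400 response plus a log line; the warning messages are the hook for alerting on repeated traversal attempts against the upload endpoint.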

Weakness Enumeration
Unrestricted File Upload
Path traversal

Related Identifiers
CVE-2026-44566
GHSA-9PGH-J74G-QJ6M

Affected Products
Open-Webui