PT-2026-39670 · Unknown · Open-Webui

Published: 2026-05-11 · Updated: 2026-05-16 · CVE-2026-44565

CVSS v3.1: 8.1 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Open WebUI versions prior to 0.6.10

Description

An issue exists where the application does not validate or sanitize the filename of uploaded audio files, deriving it directly from the original HTTP upload request. This allows users to include dot-segments in the file path to perform path traversal, enabling them to upload files to arbitrary locations on the filesystem where the web server user has permissions. Specifically, the '/ollama/models/upload' endpoint is affected. Because the application temporarily writes the file to disk before sending it to another API and then deletes it, this can result in the overwriting and subsequent deletion of existing files on the server.

Recommendations

Update to version 0.6.10. As a temporary workaround, restrict access to the '/ollama/models/upload' endpoint to minimize the risk of exploitation.
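The pattern described above, as an added example for code review and regression testing; it is not Open WebUI's code or its actual fix. The function names, the `forward` callback and the directory layout are assumptions made for illustration. It puts the flawed join of a client-supplied filename next to a hardened write-forward-delete routine that cannot touch files outside the upload directory.

```python
import os
import uuid
from pathlib import Path
from typing import Callable


def naive_upload_path(upload_dir: str, client_filename: str) -> str:
    """Flawed pattern: the client-supplied name is joined as-is,
    so dot-segments decide where the file lands."""
    return os.path.normpath(os.path.join(upload_dir, client_filename))


def safe_upload_path(upload_dir: str, client_filename: str) -> Path:
    """Return a path guaranteed to sit directly inside upload_dir."""
    base = Path(upload_dir).resolve()
    # Treat both separator styles as separators and keep only the last component.
    leaf = client_filename.replace("\\", "/").rsplit("/", 1)[-1]
    if leaf in ("", ".", "..") or "\x00" in leaf:
        raise ValueError("rejected upload filename")
    # A server-generated prefix keeps the temp file from colliding with existing files.
    target = (base / f"{uuid.uuid4().hex}_{leaf}").resolve()
    if target.parent != base:  # defence in depth: containment check after resolution
        raise ValueError("upload path escapes the upload directory")
    return target


def store_then_delete(upload_dir: str, client_filename: str, data: bytes,
                      forward: Callable[[Path], None]) -> Path:
    """Write the upload to a contained temp path, hand it to `forward`
    (hypothetical stand-in for the downstream API call), then delete it."""
    target = safe_upload_path(upload_dir, client_filename)
    # Mode "xb" refuses to overwrite: an existing file is never truncated.
    with open(target, "xb") as fh:
        fh.write(data)
    try:
        forward(target)
    finally:
        target.unlink()  # only ever removes the file created above
    return target
```
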

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-44565
GHSA-J3FW-WC48-29G3

Affected Products

Open-Webui