PT-2026-41173 · Unknown · Open-Webui

Published: 2026-04-21 · Updated: 2026-05-16 · CVE-2026-45338

CVSS v3.1: 7.7 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.0

Description: A Server-Side Request Forgery (SSRF) issue exists in the process_picture_url() function in backend/open_webui/utils/oauth.py. The function fetches URLs taken from OAuth picture claims without passing them through the validate_url() function, allowing an attacker to force the server to make HTTP requests to internal resources and exfiltrate the full response. This can be exploited during new-user OAuth signup or when an existing user's picture is updated on login. Potential targets include cloud metadata endpoints (to steal credentials), internal network services, and localhost-bound services. SSRF is a vulnerability in which an attacker tricks a server-side application into making requests to an unintended location.

Recommendations: Update to version 0.9.0. As a temporary workaround, consider restricting the use of the process_picture_url() function or disabling the ENABLE_OAUTH_SIGNUP and OAUTH_UPDATE_PICTURE_ON_LOGIN configuration options to minimize the risk of exploitation.
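As an added illustration (not Open WebUI's own code and not its validate_url() function), the kind of check the description says process_picture_url() skipped: accept only http(s) URLs, resolve the host, and reject any address that is loopback, private, link-local (the range cloud metadata services live in) or otherwise not globally routable. The resolver parameter and the FAKE_DNS table are constructed so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Constructed offline stand-in for DNS (not real records): one public host and one
# hostname that resolves into the link-local range used by cloud metadata services.
FAKE_DNS = {"cdn.example.com": ["93.184.216.34"], "meta.example.net": ["169.254.169.254"]}


def fake_resolver(host, port=None):
    """Mimics socket.getaddrinfo using FAKE_DNS; IP literals resolve to themselves."""
    addrs = FAKE_DNS.get(host)
    if addrs is None:
        try:
            addrs = [str(ipaddress.ip_address(host))]
        except ValueError:
            raise socket.gaierror(f"unknown host {host}")
    return [(None, None, None, "", (a, 0)) for a in addrs]


def is_safe_picture_url(url, resolver=socket.getaddrinfo):
    """Hypothetical guard for a picture URL taken from an OAuth claim: accept only
    http(s) URLs whose host resolves exclusively to globally routable addresses."""
    try:
        parsed = urlparse(url)
        host = parsed.hostname  # lower-cased; brackets stripped for IPv6 literals
    except ValueError:
        return False
    if parsed.scheme not in ("http", "https") or not host:
        return False
    try:
        infos = resolver(host, None)
    except OSError:  # socket.gaierror is an OSError subclass
        return False
    addrs = {info[4][0].split("%")[0] for info in infos}  # drop IPv6 zone ids
    if not addrs:
        return False
    for addr in addrs:
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            return False
        mapped = getattr(ip, "ipv4_mapped", None)  # ::ffff:127.0.0.1 -> 127.0.0.1
        if mapped is not None:
            ip = mapped
        # is_global is False for loopback, RFC 1918, link-local, ULA and reserved ranges
        if not ip.is_global:
            return False
    return True
```

The check has to guard the actual connection, not just the claim value: connect to the address that was validated and re-run the check on every redirect target, otherwise a hostname whose answer changes between check and fetch still reaches an internal address.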

Exploit · Fix · SSRF

Weakness Enumeration

Related Identifiers

BDU:2026-07202
CVE-2026-45338
GHSA-24C9-2M8Q-QHMH

Affected Products

Open-Webui