PT-2026-41181 · Unknown · Open-Webui

Published: 2026-05-10 · Updated: 2026-05-16 · CVE-2026-45351

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Open WebUI versions prior to 0.8.9

Description

When a non-administrative user logs into the application, a web request to the '/api/models?' endpoint is initiated. The response from this request reveals the system prompts of available models configured by the administrator in the workspace, compromising the confidentiality of the application. System prompts are the underlying instructions that define a model's behavior, and their exposure can provide insights into system capabilities or be used to bypass restrictions and manipulate content.

Recommendations

Update to version 0.8.9.

Exploit

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2026-07144
CVE-2026-45351
GHSA-JH9G-8JQW-M2QX

Affected Products

Open-Webui