PT-2026-41183 · Unknown · Open-Webui
Published 2026-03-26 · Updated 2026-05-16
CVE-2026-45365
CVSS v2.0: 5.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
Open WebUI versions prior to 0.8.11
Description
An internal-only bypass_filter parameter is exposed on the '/openai/chat/completions' and '/ollama/api/chat' HTTP endpoints due to FastAPI query string binding. This allows any authenticated user to append ?bypass_filter=true to the request URL, skipping model access control checks and enabling the invocation of admin-restricted models using the server's API keys.
Recommendations
Update to version 0.8.11 or later.
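An added example (not Open WebUI's code and not its 0.8.11 patch): a standard-library audit that lists which handler parameters a client could set from the query string, run against a constructed "before" handler and one hardened shape. It assumes a simplified model of FastAPI's binding rule (a scalar-typed, non-path parameter with a plain default becomes a query parameter); every name other than bypass_filter is hypothetical.

```python
import inspect
import typing

SCALARS = (bool, int, float, str)

def _is_scalar(annotation):
    """True for bool/int/float/str and for Optional/Union of only those."""
    if annotation in SCALARS:
        return True
    if typing.get_origin(annotation) is typing.Union:
        args = [a for a in typing.get_args(annotation) if a is not type(None)]
        return bool(args) and all(a in SCALARS for a in args)
    return False

def query_bound_params(handler, path=""):
    """Parameters a client could set via the query string (simplified model)."""
    hints = typing.get_type_hints(handler)
    exposed = []
    for name, param in inspect.signature(handler).parameters.items():
        if "{" + name + "}" in path:
            continue  # filled from the path template, not the query string
        plain_default = param.default is inspect.Parameter.empty or isinstance(
            param.default, SCALARS + (type(None),))
        if plain_default and _is_scalar(hints.get(name)):
            exposed.append(name)
    return exposed

# Constructed stand-ins for route handlers; not Open WebUI's code.
def check_access(form_data, user):
    if form_data["model"] not in user["allowed_models"]:
        raise PermissionError("model access denied")

def chat_before(form_data: dict, user: dict, bypass_filter: typing.Optional[bool] = False):
    if not bypass_filter:  # flag meant for internal callers only
        check_access(form_data, user)
    return "forwarded:" + form_data["model"]

def chat_internal(form_data: dict, user: dict, bypass_filter: bool = False):
    # Plain function, never registered as a route: only server code can call it.
    if not bypass_filter:
        check_access(form_data, user)
    return "forwarded:" + form_data["model"]

def chat_after(form_data: dict, user: dict):
    # Route handler takes no flag, so nothing in the URL can skip the check.
    return chat_internal(form_data, user, bypass_filter=False)

if __name__ == "__main__":
    print({f.__name__: query_bound_params(f) for f in (chat_before, chat_after)})
```

Run over every registered route handler in CI, a non-empty result for a parameter that was meant to be internal is the signal to move it off the handler signature.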
Exploit
Fix
Improper Authorization
Weakness Enumeration
Related Identifiers
Affected Products
Open-Webui