PT-2026-41191 · Unknown · Open-Webui

Published 2026-05-10 · Updated 2026-05-19 · CVE-2026-45396

CVSS v2.0: 5.5 (Medium) · Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.5

Description: An authenticated attacker can perform mass assignment via the 'POST /api/v1/evaluations/feedback' endpoint. This is possible because the FeedbackForm uses a configuration that allows extra fields, and the insert_new_feedback() function employs an insecure dictionary merge order in which user-supplied data overwrites server-derived values. By injecting a user_id field in the request body, an attacker can create feedback records attributed to any arbitrary user. This leads to identity spoofing and to corruption of the model evaluation leaderboard (Elo ratings), whose rankings are derived from user feedback.

Recommendations: Update to version 0.9.5. As a temporary workaround, restrict access to the 'POST /api/v1/evaluations/feedback' endpoint to trusted users only.
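An added example, not Open WebUI's code, that models the two defects described above with a stdlib-only schema check so it runs anywhere: the field names, `parse_feedback_form`, `build_feedback_vulnerable`, `build_feedback_fixed` and `check_attribution` are assumptions made for illustration.

```python
"""Added example, not Open WebUI's code: a minimal stdlib model of the two
defects the advisory describes (extra fields accepted by the form schema,
and a dict merge that lets client data overwrite server-derived values),
beside the hardened form of each."""

# Hypothetical set of fields a client is allowed to submit for feedback.
FEEDBACK_FIELDS = {"type", "data", "meta"}
REQUIRED_FIELDS = {"type", "data"}


def parse_feedback_form(body: dict, allow_extra: bool) -> dict:
    """Validate a JSON request body against the feedback schema.

    allow_extra=True mirrors a schema configured to keep unknown keys
    (the vulnerable setting); allow_extra=False rejects them, which is
    the safe default for a form whose fields are later merged into a
    database record.
    """
    missing = REQUIRED_FIELDS - set(body)
    if missing:
        raise ValueError(f"missing required fields: {sorted(missing)}")
    unknown = set(body) - FEEDBACK_FIELDS
    if unknown and not allow_extra:
        raise ValueError(f"unexpected fields: {sorted(unknown)}")
    return dict(body)


def build_feedback_vulnerable(form: dict, session_user_id: str) -> dict:
    """Insecure merge order: server-derived values are written first and the
    client's dict is spread over them, so a same-named client key wins."""
    return {"user_id": session_user_id, "source": "api", **form}


def build_feedback_fixed(form: dict, session_user_id: str) -> dict:
    """Hardened merge order: the client's dict goes first and server-derived
    values are written last, so the session identity always wins."""
    return {**form, "user_id": session_user_id, "source": "api"}


def check_attribution(record: dict, session_user_id: str) -> bool:
    """Defensive invariant to assert before persisting (or when auditing
    stored records): feedback must be attributed to the calling user."""
    return record.get("user_id") == session_user_id


if __name__ == "__main__":
    # Constructed request body carrying an unexpected user_id key.
    body = {"type": "rating", "data": {"rating": 1}, "user_id": "someone-else"}
    loose = parse_feedback_form(body, allow_extra=True)
    print(build_feedback_vulnerable(loose, "session-user"))  # user_id: someone-else
    print(build_feedback_fixed(loose, "session-user"))       # user_id: session-user
```

Rejecting unknown fields and applying server-derived values last are independent fixes; either one alone closes this particular overwrite, and applying both leaves no ordering to get wrong.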

Related Identifiers

BDU:2026-07452
CVE-2026-45396
GHSA-RJMP-VJF2-QF4G

Affected Products

Open-Webui