PT-2026-50488 · Unknown · Open-Webui
Hwwg · Published 2026-06-17 · Updated 2026-06-23 · CVE-2026-54016
CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.6

Description: Open WebUI contains a Broken Object Level Authorization (BOLA) issue in the built-in search_knowledge_files() function. BOLA occurs when an application does not verify that the requesting user is permitted to access the specific object named by an ID. When native function calling is enabled and the selected model has no attached knowledge bases, an authenticated user can pass an arbitrary knowledge_id value to the search_knowledge_files() function. The application then returns file metadata from that knowledge base without checking whether the user has read access to it, allowing unauthorized enumeration of files in private or restricted knowledge bases.

Recommendations: Update to version 0.9.6. As a temporary workaround, restrict the use of the search_knowledge_files() function or disable native function calling until the update is applied.
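As an added illustration (not Open WebUI's own code; the function names, the in-memory store and the sample users are hypothetical), the trusting lookup described above beside a version that checks the object the id names before returning anything:

```python
# Hypothetical illustration of the BOLA pattern and its fix; not Open WebUI code.
from dataclasses import dataclass, field

@dataclass
class KnowledgeBase:
    id: str
    owner_id: str
    files: list                                  # file metadata records
    readers: set = field(default_factory=set)    # user ids granted read access

@dataclass
class User:
    id: str
    role: str = "user"

# Constructed sample data standing in for the application's knowledge store.
KNOWLEDGE = {
    "kb-public": KnowledgeBase("kb-public", "alice", [{"name": "handbook.pdf"}], {"bob"}),
    "kb-private": KnowledgeBase("kb-private", "alice", [{"name": "salaries.xlsx"}]),
}

def search_knowledge_files_vulnerable(user, knowledge_id):
    """Trusts the caller-supplied id: any authenticated user can read any KB's metadata."""
    kb = KNOWLEDGE.get(knowledge_id)
    return [dict(f) for f in kb.files] if kb else []

def can_read(user, kb):
    """Object-level rule: admins, the owner, or an explicitly granted reader."""
    return user.role == "admin" or user.id == kb.owner_id or user.id in kb.readers

def search_knowledge_files_fixed(user, knowledge_id, model_knowledge_ids=()):
    """The id must resolve, be attached to the model in use, and be readable by the caller."""
    kb = KNOWLEDGE.get(knowledge_id)
    if kb is None or knowledge_id not in model_knowledge_ids or not can_read(user, kb):
        # One response for "missing" and "forbidden" so the id space cannot be probed.
        raise PermissionError("knowledge base not found or not accessible")
    return [dict(f) for f in kb.files]

def access_denied(user, knowledge_id, model_knowledge_ids=()):
    """True when the hardened function refuses the request."""
    try:
        search_knowledge_files_fixed(user, knowledge_id, model_knowledge_ids)
    except PermissionError:
        return True
    return False
```

With no knowledge bases attached to the model (an empty `model_knowledge_ids`), the hardened version rejects every id, which is exactly the scenario the advisory describes.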

Exploit · Fix · IDOR · Missing Authorization


Weakness Enumeration

Related Identifiers

CVE-2026-54016
GHSA-CX9V-4QJ2-JRW6

Affected Products

Open-Webui