PT-2026-50593 · Unknown · Open-Webui

Johnatzeropath +1 · Published 2026-06-17 · Updated 2026-06-23 · CVE-2026-54022

CVSS v3.1: 5.3 Medium
Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.8.11

Description: An authorization bypass exists in the ydoc:document:join Socket.IO handler. The handler performs an ownership check only when the document id starts with the prefix note: (colon). However, the YdocManager storage layer normalizes all document IDs by replacing colons with underscores. An attacker can bypass the authorization check by requesting a document as note_<id> (underscore) instead of note:<id> (colon): the request skips the prefix-based check but resolves to the same underlying Yjs document. The server then returns the full document state, leaking the private note contents of other users.

Recommendations: Update to version 0.8.11.
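The bypass described above, modelled as an added example that is not Open WebUI's code. The only behaviour taken from the advisory is the prefix-only ownership check and the colon-to-underscore normalization in storage; the store class, the sample users and notes, and the function names (join_vulnerable, join_fixed, join_succeeds) are constructed for illustration. The fixed variant shows the general remedy: canonicalize the id first and authorize on the same key the storage layer uses, denying by default.

```python
# Added example, not Open WebUI's code: a minimal model of the
# ydoc:document:join bypass. Store, users, note ids and function names
# are all constructed for illustration.

NOTES = {
    # note id -> owner and constructed body
    "abc": {"owner": "alice", "body": "alice's private note"},
    "def": {"owner": "bob", "body": "bob's private note"},
}


def normalize_doc_id(document_id: str) -> str:
    """Storage-side key normalization described in the advisory: ':' -> '_'."""
    return document_id.replace(":", "_")


class YdocStore:
    """Stand-in for the Yjs document storage, keyed by the normalized id."""

    def __init__(self) -> None:
        self._docs = {
            normalize_doc_id(f"note:{note_id}"): note["body"]
            for note_id, note in NOTES.items()
        }

    def get(self, document_id: str):
        # Any spelling that normalizes to the same key reaches the same document.
        return self._docs.get(normalize_doc_id(document_id))


def join_vulnerable(store: YdocStore, user: str, document_id: str):
    """Ownership is checked only when the raw id starts with 'note:'.

    'note_abc' skips the check entirely but normalizes to the same storage
    key as 'note:abc', so the store hands back another user's note.
    """
    if document_id.startswith("note:"):
        note = NOTES.get(document_id[len("note:"):])
        if note is None or note["owner"] != user:
            raise PermissionError("not the owner of this note")
    return store.get(document_id)


# Ownership indexed by the same canonical key the store uses.
OWNERS_BY_KEY = {
    normalize_doc_id(f"note:{note_id}"): note["owner"]
    for note_id, note in NOTES.items()
}


def join_fixed(store: YdocStore, user: str, document_id: str):
    """Authorize on the canonical storage key and deny by default.

    Canonicalizing before the check means every alias spelling of an id is
    judged by the same rule, and an id with no known owner is refused
    instead of being passed through unchecked.
    """
    key = normalize_doc_id(document_id)
    owner = OWNERS_BY_KEY.get(key)
    if owner is None or owner != user:
        raise PermissionError("not the owner of this document")
    return store.get(document_id)


def join_succeeds(join_fn, user: str, document_id: str) -> bool:
    """True if join_fn returns document content for this user and id."""
    try:
        return join_fn(YdocStore(), user, document_id) is not None
    except PermissionError:
        return False


if __name__ == "__main__":
    # bob does not own note "abc": the colon form is refused by both
    # handlers, the underscore form leaks it through the vulnerable one.
    print("vulnerable, note:abc ->", join_succeeds(join_vulnerable, "bob", "note:abc"))
    print("vulnerable, note_abc ->", join_succeeds(join_vulnerable, "bob", "note_abc"))
    print("fixed,      note_abc ->", join_succeeds(join_fixed, "bob", "note_abc"))
```

The check a practitioner would apply to any handler of this shape: find every transformation the storage layer applies to the identifier (here the colon-to-underscore rewrite) and make sure the authorization decision is taken on the transformed value, not on the raw client input. Rejecting ids that do not match the canonical grammar before they reach storage is an equally valid alternative; what matters is that the check and the lookup agree on which document is meant.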

Fix

Weakness Enumeration

Incorrect Authorization

Related Identifiers

CVE-2026-54022
GHSA-8788-J68R-3CGH

Affected Products

Open-Webui