CVE-2026-45339 | open-webui Open WebUI up to 0.8.x API Endpoint /api/v1/messages authorization (GHSA-57q6-fvp4-pqmm)

A vulnerability was found in open-webui Open WebUI up to 0.8.x. It has been classified as problematic. Affected by this vulnerability is an unknown functionality of the file /api/v1/messages of the component API Endpoint. This manipulation causes incorrect authorization.

This vulnerability appears as CVE-2026-45339. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More