CVE-2026-54010 | open-webui Open WebUI up to 0.9.5 Forged Chat-File Link access control
A vulnerability classified as critical was found in open-webui Open WebUI. Affected by this issue is some unknown functionality of the component Forged Chat-File Link Handler. The manipulation results in improper access controls.
This vulnerability is reported as CVE-2026-54010. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.VulDB Recent EntriesRead More