CVE-2026-59219 | open-webui Open WebUI up to 0.9.x WebSocket Authentication decode_token improper authentication
A vulnerability was found in open-webui Open WebUI up to 0.9.x. It has been classified as critical. This issue affects the function decode_token of the component WebSocket Authentication Handler. The manipulation leads to improper authentication.
This vulnerability is traded as CVE-2026-59219. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More