CVE-2026-59216
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
09/07/2026
Last modified:
10/07/2026
Description
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, get_event_call delivered execute:python and execute:tool Socket.IO events to a client-supplied session_id after checking only that the session was connected, allowing authenticated users who learned another socket ID through ydoc:document:join to run code interpreter Python or tools in that user session. This issue is fixed in version 0.10.0.
Impact
Base Score 3.x
7.70
Severity 3.x
HIGH
References to Advisories, Solutions, and Tools
- https://github.com/open-webui/open-webui/commit/386ac958144dbbbf0aa6e268070d72b681a318aa
- https://github.com/open-webui/open-webui/pull/25763
- https://github.com/open-webui/open-webui/releases/tag/v0.10.0
- https://github.com/open-webui/open-webui/security/advisories/GHSA-74h3-cxq7-vc5q
- https://github.com/open-webui/open-webui/security/advisories/GHSA-74h3-cxq7-vc5q



