CVE-2026-45317: Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF) via Image URL Manipulation
An application-wide Cross-Site Request Forgery (CSRF) vulnerability was found in Open WebUI's image upload functionality. An attacker can set an image URL to a malicious endpoint, allowing them to perform actions on behalf of a victim user. Any authenticated user can exploit this vulnerability, and any user who views the compromised image (e.g., a profile picture) will unknowingly send a GET request to the attacker-controlled URL. This can lead to cookie theft, denial of service (DoS), or other malicious actions.
This can be exploited in various locations, including:
• Profile picture
• Model picture
• Hidden images in shared chats
• Images within shared notes
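A server-side check of the kind that closes this class of issue, added here as an example (it is not Open WebUI's own code; the local file route `/api/v1/files/<id>/content` and the origin are assumptions): a user-supplied image reference is stored only if it is an inline data: image or a path the application itself serves, so that rendering the image never makes a viewer's browser request an attacker-chosen endpoint.

```python
import re
from typing import Optional
from urllib.parse import urlparse

# Assumed for this example: the route under which the app serves uploaded
# files. Adjust to the real upload route of the deployment.
LOCAL_FILE_RE = re.compile(r"^/api/v1/files/[A-Za-z0-9_-]+/content$")
# Inline images only: a fixed set of image types, base64 body, no trailing junk.
DATA_IMAGE_RE = re.compile(
    r"^data:image/(png|jpeg|gif|webp);base64,[A-Za-z0-9+/]+={0,2}$"
)


def validate_image_url(value: str, own_origin: str) -> Optional[str]:
    """Return a safe image reference to store, or None to reject the update.

    Only two forms are accepted: an inline data: image, or a path to a file
    the application itself serves. Anything else (external hosts, protocol-
    relative URLs, javascript:, dot-segment tricks, query strings) is refused.
    """
    value = value.strip()
    if DATA_IMAGE_RE.match(value):
        return value
    parsed = urlparse(value)
    if parsed.scheme == "" and parsed.netloc == "":
        # Relative reference: accept only the exact local file route.
        return value if LOCAL_FILE_RE.match(value) else None
    origin = f"{parsed.scheme}://{parsed.netloc.lower()}"
    if parsed.scheme in ("http", "https") and origin == own_origin.lower():
        # Absolute URL to our own origin: store it as a bare path so the host
        # can never be swapped later; the same strict route check applies.
        return parsed.path if LOCAL_FILE_RE.match(parsed.path) else None
    return None
```

Values returned by the check for constructed inputs (attacker host, protocol-relative URL, dot segments, javascript:) are all None; a stored profile, model, chat or note image is then always rendered from the application's own origin.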