CVE-2026-45318: Open WebUI has stored XSS via unsanitized Office/Excel/DOCX file preview rendering ({@html} without DOMPurify)
Open WebUI renders user-uploaded Office files (Excel, DOCX) as HTML using Svelte’s {@html} directive without DOMPurify sanitization. While the codebase has DOMPurify available and uses it in 9 out of 23 {@html} locations (39%), three file-preview rendering paths bypass it entirely, allowing Stored XSS when a user uploads a malicious document.
This is a classic defense propagation failure: the sanitization primitive exists in the codebase but is not consistently applied to all rendering surfaces.
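To make the defence concrete, the following is an added illustration and not code from Open WebUI: a minimal Svelte component showing the unsafe pattern the advisory describes next to the sanitized form. The component structure, the `htmlFromOfficeFile` prop, the constructed sample markup and the particular DOMPurify options are assumptions for this example; `DOMPurify.sanitize` itself is the library's real API.

```svelte
<script>
  import DOMPurify from 'dompurify';

  // Assumed prop for the example: HTML produced by converting an uploaded
  // Office file (XLSX/DOCX) to markup. The file is attacker-controlled, so
  // this string must be treated as untrusted HTML, never as trusted template.
  export let htmlFromOfficeFile = '';

  // Constructed sample of what a crafted document can expand to after
  // conversion: a benign table plus an inline event handler. It is inert
  // here and only shows what the sanitizer removes.
  const constructedSample =
    '<table><tr><td>Q1</td><td>42</td></tr></table>' +
    '<img src="x" onerror="alert(1)">';

  // Hardened: sanitize at the rendering boundary, once, right before {@html}.
  // The option set is an assumed hardening for document previews: keep only
  // the HTML profile, drop inline CSS and form/style elements.
  $: safeHtml = DOMPurify.sanitize(htmlFromOfficeFile || constructedSample, {
    USE_PROFILES: { html: true },
    FORBID_TAGS: ['style', 'form', 'iframe', 'object', 'embed'],
    FORBID_ATTR: ['style', 'formaction']
  });
</script>

<!--
  Vulnerable pattern (the advisory's finding): file-derived markup goes
  straight into the DOM, so the onerror handler above would execute for
  every user who opens the preview.

    {@html htmlFromOfficeFile}
-->

<!-- Hardened: every {@html} of file-derived content is the sanitized value. -->
<div class="file-preview">
  {@html safeHtml}
</div>
```

Two practical notes. DOMPurify needs a DOM, so in a server-rendered SvelteKit route the sanitize call must run in the browser (or against a jsdom window); a component that sanitizes only on the client while the server already emitted the raw string is still vulnerable on first paint. And because the root cause here is inconsistent application rather than a missing primitive, the useful regression check is mechanical: grep the source for `{@html` and confirm that each occurrence renders either a constant or a value that passed through `DOMPurify.sanitize`, treating any new unsanitized site as a review blocker.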