CVE-2026-45347: Open WebUI vulnerable to blind server-side request forgery (SSRF) via the PDF generate function
Blind server-side request forgery (SSRF) via the PDF generate function. The finding resulted from a penetration test for a customer. It is suspected that the root cause of the issue lies within the core of Open WebUI, which is why it is being reported as a security issue here. Tested on Open WebUI 0.5.4.