CVE-2026-45350: Open WebUI's chat completion API allows tool restrictions to be bypassed

May 14, 2026 (updated May 19, 2026)

Open WebUI v0.6.43 contains a vulnerability in its chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access.

References

github.com/advisories/GHSA-4pcg-253r-rf9w
github.com/open-webui/open-webui/commit/4737e1f11
github.com/open-webui/open-webui/releases/tag/v0.8.6
github.com/open-webui/open-webui/security/advisories/GHSA-4pcg-253r-rf9w
nvd.nist.gov/vuln/detail/CVE-2026-45350

Code Behaviors & Features

Detect and mitigate CVE-2026-45350 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →