This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Project Subscriptions

Vendors Products
Open-webui Subscribe
Open-webui Subscribe
Openwebui Subscribe
Open Webui Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2025-6939 The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the OpenAI URL to any URL without checks, causing the endpoint to send a request to the specified URL and return the output. This vulnerability allows the attacker to access internal services and potentially gain command execution by accessing instance secrets.
Github GHSA Github GHSA GHSA-x757-hv69-jr45 Open WebUI has SSRF in /openai/models
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 16 Jul 2026 16:30:00 +0000

Type Values Removed Values Added
Title SSRF in open-webui/open-webui
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 16 Jul 2026 16:00:00 +0000

Type Values Removed Values Added
Description The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the OpenAI URL to any URL without checks, causing the endpoint to send a request to the specified URL and return the output. This vulnerability allows the attacker to access internal services and potentially gain command execution by accessing instance secrets. This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Mon, 21 Jul 2025 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Openwebui
Openwebui open Webui
CPEs cpe:2.3:a:openwebui:open_webui:0.3.8:*:*:*:*:*:*:*
Vendors & Products Openwebui
Openwebui open Webui
Metrics cvssV3_1

{'score': 7.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N'}


Thu, 20 Mar 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 20 Mar 2025 10:15:00 +0000

Type Values Removed Values Added
Description The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the OpenAI URL to any URL without checks, causing the endpoint to send a request to the specified URL and return the output. This vulnerability allows the attacker to access internal services and potentially gain command execution by accessing instance secrets.
Title SSRF in open-webui/open-webui
Weaknesses CWE-918
References
Metrics cvssV3_0

{'score': 7.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: REJECTED

Assigner: @huntr_ai

Published:

Updated: 2026-07-16T15:37:19.664Z

Reserved: 2024-08-19T18:44:27.054Z

Link: CVE-2024-7959

cve-icon Vulnrichment

Updated:

cve-icon NVD

Status : Analyzed

Published: 2025-03-20T10:15:38.257

Modified: 2026-06-17T08:21:32.727

Link: CVE-2024-7959

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-12T22:45:27Z

Weaknesses