HomeCVE Intelligence › CVE-2026-26193
CVSS 7.3 HIGH Vulnerability

CVE-2026-26193: Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages

Summary Manually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts and allow-same-origin set, ignoring t…

7.3CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-26193
Vendorpip
Affected Productopen-webui
Vulnerability TypeVulnerability
CVSS Score7.3 (HIGH)
Actively Exploited❌ No known exploitation
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

#

Summary

Manually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts and allow-same-origin set, ignoring the "iframe Sandbox Allow Same Origin" configuration. This enables stored XSS on the affected chat. This also triggers when the chat is in the shared format. The result is a shareable link containing the payload that can be distributed to any other users on the instance.

Details

The flaw stems from how iFrames are constructed here: https://github.com/open-webui/open-webui/blob/6f1486ffd0cb288d0e21f41845361924e0d742b3/src/lib/components/chat/Messages/ResponseMessage.svelte#L689-L703 messages.embeds is a user controlled property and so can be arbitrarily set by

🎯 Known Indicators of Compromise

{"type":"sha1","value":"6f1486ffd0cb288d0e21f41845361924e0d742b3","confidence_score":0.9,"first_seen":"2026-07-07","source_count":1} {"type":"url","value":"https://github.com/open-webui/open-webui/blob/6f1486ffd0cb288d0e21f41845361924e0d742b3/src/lib/compo","confidence_score":0.82,"first_seen":"2026-07-07","source_count":1}

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-26193 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence