CVE-2026-44552: Open WebUI: Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix En…

Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix Enable Cross-Instance Cache Poisoning Affected Component Tool server and terminal server Redis cache: backend/open_webui/utils/tools.py (line 84…

8.7CVSS Score

HIGHSeverity

NOCISA KEV

VulnerabilityImpact Type

📋 Vulnerability Details

CVE ID	CVE-2026-44552
Vendor	pip
Affected Product	open-webui
Vulnerability Type	Vulnerability
CVSS Score	8.7 (HIGH)
Actively Exploited	❌ No known exploitation
Patch Status	See Vendor Advisory →
Reported By	CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix Enable Cross-Instance Cache Poisoning

Affected Component Tool server and terminal server Redis cache:

• backend/open_webui/utils/tools.py (line 841, tool_servers SET)

• backend/open_webui/utils/tools.py (line 850, tool_servers GET)

• backend/open_webui/utils/tools.py (line 976, terminal_servers SET)

• backend/open_webui/utils/tools.py (line 986, terminal_servers GET)

Affected Versions Current main branch (commit `6fdd19bf1`) and likely all versions since the tool server / terminal server Redis cache was introduced.

Description Open WebUI uses a `REDIS_KEY_PREFIX` (default `open-webui`) to namespace Redis keys, allowing multiple instances to safely share a single Redis backend. Every Redis key in t

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-44552 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries

🛡️ Get Detection Pack → 🔌 Access via API →