CVSS 8.1 HIGH Vulnerability

CVE-2026-45402: Open WebUI: Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledg…


CVSS Score: 8.1 | Severity: HIGH | CISA KEV: No | Impact Type: Vulnerability

📋 Vulnerability Details

CVE ID: CVE-2026-45402
Vendor: pip
Affected Product: open-webui
Vulnerability Type: Vulnerability
CVSS Score: 8.1 (HIGH)
Actively Exploited: ❌ No known exploitation
Patch Status: See Vendor Advisory →
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledge-Base Attach Endpoints

Summary

Multiple endpoints accept a user-supplied file_id and attach the referenced file to a resource the caller controls (folder knowledge, knowledge-base contents) without verifying that the caller owns or has been granted access to the file. The file's content then becomes reachable through the downstream RAG / file-content paths, allowing any authenticated user to exfiltrate any other user's private file — and on the knowledge-base path, also to overwrite it — given knowledge of the file's UUID.
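The missing check described in the summary, modelled as an added illustration that is not Open WebUI's code: the attach endpoint authorizes the target resource but not the file, so the hardened variant adds an ownership-or-grant check on the file itself and returns one error for both missing and forbidden ids. All names (StoredFile, KnowledgeBase, can_access_file, the sample ids) are assumptions for this example.

```python
from dataclasses import dataclass, field

class Forbidden(Exception):
    """Raised when the caller may not use the referenced file or resource."""

@dataclass
class StoredFile:
    owner_id: str
    shared_with: set = field(default_factory=set)  # user ids granted access

@dataclass
class KnowledgeBase:
    owner_id: str
    file_ids: list = field(default_factory=list)

# Constructed sample state (hypothetical): a private file per user, bob's KB.
FILES = {"f-alice": StoredFile("alice"), "f-bob": StoredFile("bob")}
KBS = {"kb-bob": KnowledgeBase("bob")}

def attach_unchecked(caller_id: str, kb_id: str, file_id: str) -> list:
    """Vulnerable pattern: only the target resource is authorized, not the file."""
    kb = KBS[kb_id]
    if kb.owner_id != caller_id:
        raise Forbidden("not your knowledge base")
    kb.file_ids.append(file_id)  # any file_id is accepted, whoever owns it
    return kb.file_ids

def can_access_file(caller_id: str, f: StoredFile) -> bool:
    """Assumed access rule: the owner, or a user the file was shared with."""
    return f.owner_id == caller_id or caller_id in f.shared_with

def attach_checked(caller_id: str, kb_id: str, file_id: str) -> list:
    """Hardened: the caller must also own, or have been granted, the file."""
    kb = KBS[kb_id]
    if kb.owner_id != caller_id:
        raise Forbidden("not your knowledge base")
    f = FILES.get(file_id)
    # One error for missing and forbidden files, so UUID guessing gets no oracle.
    if f is None or not can_access_file(caller_id, f):
        raise Forbidden("file not found or not accessible")
    kb.file_ids.append(file_id)
    return kb.file_ids

def attach_result(fn, caller_id: str, kb_id: str, file_id: str):
    """Return the attached ids, or None when the attach is refused."""
    try:
        return fn(caller_id, kb_id, file_id)
    except Forbidden:
        return None
```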

Affected code paths

Path 1 — Folder knowledge ingestion via folders.update (backend/open_webui/routers/folders.py:156). POST /api/v1/folders/{id}/update accepts a `FolderUpda

📚 Advisory References
