Open WebUI Vulnerability Allows Arbitrary File Uploads via Path Traversal
The National Vulnerability Database has detailed CVE-2026-44566, a high-severity path traversal vulnerability affecting Open WebUI, a self-hosted AI platform. Prior to version 0.1.124, the platform failed to properly validate and sanitize filenames during file attachments. This oversight allows an attacker to manipulate file paths using dot-segments, enabling them to upload files to arbitrary locations on the filesystem where the web server process has write permissions.
This is a critical flaw. An attacker exploiting this vulnerability could potentially write web shells, overwrite critical configuration files, or introduce malicious executables. The impact isn’t just about data integrity; it’s about full system compromise. The CVSS score of 7.3 (HIGH) underscores the significant risk, with low attack complexity and no user interaction required.
Defenders need to understand the implications here: an unauthenticated attacker could gain a significant foothold. Patching is paramount. The vulnerability is fixed in Open WebUI version 0.1.124. Any organization running earlier versions must update immediately to mitigate this direct path to arbitrary code execution and system control.
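The class of bug the advisory describes, shown as an added example that is not Open WebUI's code: a naive `os.path.join` of a client-supplied attachment name beside a hardened resolver that rejects separators and dot-segments (raw and percent-decoded) and then confirms the final path still lies inside the upload root. The upload root and function names are assumptions.

```python
import os
import re
from typing import Optional
from urllib.parse import unquote

# Allow-list for attachment names: no separators, no leading dot, bounded length.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._ -]{0,254}$")


def naive_upload_path(upload_root: str, filename: str) -> str:
    """The unsafe pattern the advisory describes: the client-supplied name is
    joined to the upload root unchecked. os.path.join follows '..' segments and,
    for an absolute filename, discards upload_root entirely."""
    return os.path.normpath(os.path.join(upload_root, filename))


def resolve_upload_path(upload_root: str, filename: str) -> Optional[str]:
    """Return the absolute path an attachment may be written to, or None if the
    name must be rejected. Two independent layers: an allow-list applied to the
    raw and the percent-decoded name, then a containment check on the resolved path."""
    for candidate in (filename, unquote(filename)):
        # Reject separators and dot-segments before any path arithmetic, so that
        # '../', '..\\', absolute paths and encoded forms (%2e%2e%2f) never reach join().
        if candidate in ("", ".", "..") or "/" in candidate or "\\" in candidate:
            return None
        if not _SAFE_NAME.match(candidate):
            return None
    root = os.path.realpath(upload_root)
    target = os.path.realpath(os.path.join(root, filename))
    # Defence in depth: even if the allow-list is relaxed later, the final path
    # must still sit inside the upload root (realpath also resolves symlinks).
    if os.path.commonpath([root, target]) != root:
        return None
    return target


if __name__ == "__main__":
    root = "/srv/open-webui/uploads"  # assumed upload root, not from the project
    for name in ("report.pdf", "../../etc/cron.d/job", "%2e%2e/app.py", "/etc/passwd"):
        print(f"{name!r:24} naive={naive_upload_path(root, name)!s:34} "
              f"safe={resolve_upload_path(root, name)}")
```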
What This Means For You
- If your organization uses Open WebUI, you are exposed to arbitrary file uploads that can lead to system compromise. Immediately verify your Open WebUI version. If it's prior to 0.1.124, patch to the latest version without delay. Audit your web server logs for suspicious file upload activity or unexpected file creations outside of designated upload directories.
🛡️ Detection Rules
The rule below is one of three Sigma detection rules auto-generated for this incident and mapped to MITRE ATT&CK.
CVE-2026-44566 - Open WebUI Arbitrary File Upload via Path Traversal

```yaml
title: CVE-2026-44566 - Open WebUI Arbitrary File Upload via Path Traversal
id: scw-2026-05-15-ai-1
status: experimental
level: high
description: |
  Detects the specific API endpoint and path traversal pattern used in CVE-2026-44566 to upload
  arbitrary files by exploiting the lack of sanitization in Open WebUI's file attachment
  functionality. The presence of '../' in the URI indicates an attempt to traverse directories.
author: SCW Feed Engine (AI-generated)
date: 2026-05-15
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-44566/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    cs-method: 'POST'
    # Both substrings must appear in the request URI. A traversal carried in the
    # multipart filename field is not visible in an access-log URI, and
    # percent-encoded variants (%2e%2e/) are not matched by this pattern.
    cs-uri|contains|all:
      - '/api/v1/chat/attachments/upload'
      - '../'
  condition: selection
falsepositives:
  - Legitimate administrative activity
```
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-44566 | Path Traversal | Open WebUI versions prior to 0.1.124 |
| CVE-2026-44566 | Path Traversal | File upload functionality in Open WebUI |
| CVE-2026-44566 | Path Traversal | Lack of validation/sanitization of filenames during file attachment |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 16, 2026 at 01:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.