CVE-2026-44567: Open WebUI API Fails Role Validation, Allows Unauthorized Access
The National Vulnerability Database has detailed CVE-2026-44567, a critical vulnerability in Open WebUI, a self-hosted AI platform. Prior to version 0.1.124, the platform’s API did not properly validate user roles. When new sign-ups were enabled, the default role for new users was set to ‘pending’. However, this flaw allowed these pending users to bypass the intended administrative approval process and gain unauthorized access to the web application.
This bypass means that the crucial step requiring an administrator to manually reconfigure a new user’s role from ‘pending’ to ‘user’ or ‘admin’ was ineffective. The vulnerability, rated with a CVSS score of 7.3 (HIGH), is attributed to CWE-602 (Authorization Bypass Through External Control) and CWE-863 (Incorrect Authorization). It impacts the confidentiality, integrity, and availability of the system.
Organizations leveraging Open WebUI must prioritize patching to version 0.1.124 immediately. This flaw essentially negates the security control designed to gate new user access, turning a ‘pending’ state into an ‘active’ one without explicit approval. It’s a fundamental authorization breakdown that attackers will absolutely exploit to gain initial access.
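The authorization failure described above reduces to one missing check: an authenticated account is treated as an authorized one, so the default 'pending' role never actually gates anything. The following Python model is an added example written for this page; it is not Open WebUI's code, and the `UserStore`, `vulnerable_access` and `hardened_access` names, the sign-up flow and the admin approval step are all constructed here to show the vulnerable pattern beside the fixed one.

```python
# Added example (not Open WebUI's code): a minimal model of the authorization
# failure described in the advisory. New sign-ups get the default role 'pending'
# and must be promoted by an admin before they may use the application. The
# vulnerable check only verifies that the session belongs to a known account;
# the hardened check also requires an approved role on every request.
from dataclasses import dataclass, field

PENDING = "pending"
APPROVED_ROLES = frozenset({"user", "admin"})


class AuthError(Exception):
    """Raised when an action is refused by the authorization model."""


@dataclass
class User:
    username: str
    role: str = PENDING  # default role for a fresh sign-up


@dataclass
class UserStore:
    """Hypothetical in-memory user table standing in for the real backend."""
    users: dict = field(default_factory=dict)
    signups_enabled: bool = True

    def sign_up(self, username: str) -> User:
        if not self.signups_enabled:
            raise AuthError("sign-ups disabled")
        user = User(username)  # role is 'pending' until an admin acts
        self.users[username] = user
        return user

    def approve(self, actor: User, username: str, role: str = "user") -> User:
        # Only an admin may change a role, and only to a known approved role.
        if actor.role != "admin":
            raise AuthError("only admins may change roles")
        if role not in APPROVED_ROLES:
            raise AuthError(f"unknown role {role!r}")
        self.users[username].role = role
        return self.users[username]


def vulnerable_access(store: UserStore, username: str) -> bool:
    # Vulnerable pattern: a valid account is treated as an authorized one.
    # A 'pending' user passes this check and reaches the application, which
    # is the bypass the advisory describes.
    return username in store.users


def hardened_access(store: UserStore, username: str) -> bool:
    # Fixed pattern: the role must be in the approved set. This has to be
    # enforced server-side on every protected request, not only at login.
    user = store.users.get(username)
    return user is not None and user.role in APPROVED_ROLES


def demo() -> dict:
    """Walk a new sign-up through both checks before and after admin approval."""
    store = UserStore()
    store.users["root"] = User("root", role="admin")
    newcomer = store.sign_up("newcomer")
    role_at_signup = newcomer.role
    before = (vulnerable_access(store, "newcomer"), hardened_access(store, "newcomer"))
    store.approve(store.users["root"], "newcomer")
    after = (vulnerable_access(store, "newcomer"), hardened_access(store, "newcomer"))
    return {
        "role_at_signup": role_at_signup,
        "before_approval": before,  # (vulnerable, hardened) -> (True, False)
        "after_approval": after,    # (vulnerable, hardened) -> (True, True)
    }


if __name__ == "__main__":
    print(demo())
```

The point of the pair is that `vulnerable_access` returns True for the pending account, exactly the state the advisory calls "turning a 'pending' state into an 'active' one"; `hardened_access` refuses it until `approve` is called by an admin, and `approve` itself refuses a pending caller, so the role cannot be self-granted through the same API.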
What This Means For You
- If your organization uses Open WebUI, you must patch to version 0.1.124 immediately. This vulnerability allows any newly registered user to bypass pending status and gain unauthorized access. Audit your user logs for any unapproved access by 'pending' accounts prior to patching, and ensure new sign-ups are disabled if not strictly necessary.
Related ATT&CK Techniques
🛡️ Detection Rules
Detection rules auto-generated for this incident, mapped to MITRE ATT&CK, in Sigma YAML.
CVE-2026-44567: Open WebUI Unauthorized Role Access

```yaml
# The title contains ": ", which is not allowed in an unquoted YAML scalar, so it is quoted.
title: 'CVE-2026-44567: Open WebUI Unauthorized Role Access'
id: scw-2026-05-15-ai-1
status: experimental
level: high
description: |
  Detects attempts to modify user roles via the Open WebUI API, specifically targeting the /api/users endpoint with a PUT request. This rule aims to identify exploitation of CVE-2026-44567 where role validation is bypassed, allowing unauthorized role changes from 'pending' to 'user' or 'admin'.
author: SCW Feed Engine (AI-generated)
date: 2026-05-15
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-44567/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    cs-uri|contains:
      - '/api/users'
    cs-method:
      - 'PUT'
    sc-status:
      - 200
  condition: selection
falsepositives:
  - Legitimate administrative activity
```
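The rule above matches every successful PUT to a path containing `/api/users`, which includes the legitimate admin approvals listed under its false positives. The example below is added here and is not part of the feed's rule set or of Open WebUI: it applies the rule's selection to constructed W3C extended-format webserver log lines (the layout the `cs-*`/`sc-*` field names belong to) and then narrows the hits using the advisory's own advice to audit for pending accounts, by keeping only hits from a source that earlier completed a sign-up. The log sample, the IP addresses and the `SIGNUP_PATH` value are constructed placeholders, not Open WebUI's real endpoints.

```python
# Added example, not part of the feed's rules or of Open WebUI. Applies the
# Sigma selection (cs-uri contains '/api/users', cs-method PUT, sc-status 200)
# to constructed W3C extended-format webserver log lines, then correlates the
# hits with earlier sign-ups from the same source address.
from dataclasses import dataclass
from typing import Iterator, List

# Constructed placeholder; substitute the real sign-up endpoint of the deployment.
SIGNUP_PATH = "/api/auths/signup"

# Constructed sample log (W3C extended log format with a #Fields: header).
SAMPLE_LOG = """\
#Software: example-webserver
#Fields: date time c-ip cs-method cs-uri sc-status
2026-05-15 09:00:01 10.0.0.5 GET /api/users/ 200
2026-05-15 09:00:02 10.0.0.5 PUT /api/users/7/role 200
2026-05-15 09:00:03 10.0.0.9 PUT /api/users/7/role 403
2026-05-15 09:00:04 10.0.0.9 POST /api/auths/signup 200
2026-05-15 09:00:05 10.0.0.9 PUT /api/users/9/update 200
"""


@dataclass(frozen=True)
class Event:
    c_ip: str
    cs_method: str
    cs_uri: str
    sc_status: int


def parse_w3c(text: str) -> Iterator[Event]:
    """Yield one Event per data line, using the #Fields: header for the column order."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#"):
            continue  # directives and blank lines carry no event
        if fields is None:
            raise ValueError("data line before #Fields: header")
        values = dict(zip(fields, line.split()))
        yield Event(values["c-ip"], values["cs-method"], values["cs-uri"], int(values["sc-status"]))


def matches_rule(ev: Event) -> bool:
    # Mirror of the Sigma selection: all three field conditions must hold.
    return "/api/users" in ev.cs_uri and ev.cs_method == "PUT" and ev.sc_status == 200


def find_hits(text: str) -> List[Event]:
    """Every event the Sigma rule would fire on, including legitimate admin edits."""
    return [ev for ev in parse_w3c(text) if matches_rule(ev)]


def hits_from_fresh_signups(text: str) -> List[Event]:
    """Rule hits whose source address completed a sign-up earlier in the log.

    A freshly registered account should still be 'pending', so a successful
    role-changing PUT from that source is the case worth an analyst's time;
    hits without a preceding sign-up are more likely routine admin activity.
    """
    seen_signups = set()
    flagged = []
    for ev in parse_w3c(text):
        if ev.cs_method == "POST" and ev.cs_uri.startswith(SIGNUP_PATH) and ev.sc_status == 200:
            seen_signups.add(ev.c_ip)
        elif matches_rule(ev) and ev.c_ip in seen_signups:
            flagged.append(ev)
    return flagged


if __name__ == "__main__":
    for ev in find_hits(SAMPLE_LOG):
        print("rule hit:", ev)
    for ev in hits_from_fresh_signups(SAMPLE_LOG):
        print("hit after sign-up from same source:", ev)
```

On the sample, the raw selection fires twice (the admin's edit from 10.0.0.5 and the post-sign-up edit from 10.0.0.9) while the 403 from 10.0.0.9 is correctly ignored; the correlation keeps only the 10.0.0.9 hit. Source-address correlation is a coarse stand-in for a per-account join; where the webserver log carries an authenticated username field, key `seen_signups` on that instead.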
Source: Shimi's Cyber World
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-44567 | Auth Bypass | Open WebUI versions prior to 0.1.124 |
| CVE-2026-44567 | Auth Bypass | API does not properly validate user role |
| CVE-2026-44567 | Auth Bypass | Default user role 'pending' can bypass access restrictions when new sign-ups enabled |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 16, 2026 at 01:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.