LOW
GHSA-frv8-gffc-37px
open-webui is Vulnerable to Incorrect Access Control
Details
open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API endpoint /api/tasks/stop/ accesses and cancels tasks directly, without verifying that the requesting user owns the task, so an attacker with an ordinary user account can stop arbitrary LLM response tasks.
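The ownership check the advisory describes as missing, shown as an added illustration that is not open-webui's code: a hypothetical in-memory task registry with the unchecked stop beside a hardened stop that only cancels a task when the caller owns it (or is an admin). The registry class, task ids and user names are constructed for the example.

```python
import asyncio


class TaskRegistry:
    """Hypothetical in-memory registry (not open-webui code): task_id -> (owner_id, Task)."""
    def __init__(self) -> None:
        self.tasks: dict[str, tuple[str, asyncio.Task]] = {}

    def register(self, task_id: str, owner_id: str, task: asyncio.Task) -> None:
        self.tasks[task_id] = (owner_id, task)

    def stop_task_unchecked(self, task_id: str) -> bool:
        """Vulnerable pattern: cancels whatever task_id names, never asks who is calling."""
        entry = self.tasks.pop(task_id, None)
        if entry is not None:
            entry[1].cancel()
        return entry is not None

    def stop_task(self, task_id: str, user_id: str, is_admin: bool = False) -> bool:
        """Hardened pattern: only the owner (or an admin) may cancel; unknown and
        foreign ids both return False so callers cannot probe other users' task ids."""
        entry = self.tasks.get(task_id)
        if entry is None:
            return False
        owner_id, task = entry
        if owner_id != user_id and not is_admin:
            return False
        del self.tasks[task_id]
        task.cancel()
        return True


async def demo() -> dict:
    # Constructed scenario: three users' long-running jobs (sleep stands in for LLM generation).
    reg = TaskRegistry()
    alice_task, bob_task, carol_task = (asyncio.create_task(asyncio.sleep(3600)) for _ in range(3))
    reg.register("t-alice", "alice", alice_task)
    reg.register("t-bob", "bob", bob_task)
    reg.register("t-carol", "carol", carol_task)
    result = {"unchecked_stops_foreign": reg.stop_task_unchecked("t-carol")}  # True: anyone can
    result["bob_stops_alice"] = reg.stop_task("t-alice", "bob")                # False: not owner
    await asyncio.sleep(0)
    result["alice_still_running"] = not alice_task.done()                      # True
    result["alice_stops_alice"] = reg.stop_task("t-alice", "alice")            # True
    result["admin_stops_bob"] = reg.stop_task("t-bob", "site-admin", is_admin=True)  # True
    await asyncio.gather(alice_task, bob_task, carol_task, return_exceptions=True)
    result["all_cancelled"] = all(t.cancelled() for t in (alice_task, bob_task, carol_task))
    return result


def run_demo() -> dict:
    return asyncio.run(demo())
```

In a real handler the same check belongs in the route itself: resolve the task, compare its recorded owner against the authenticated caller, and answer identically for unknown and foreign ids.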
Affected packages
PyPI / open-webui
Introduced in: 0
No fixed version published yet for open-webui (pip). Pin to a known-safe version or switch to an alternative.
References
- https://nvd.nist.gov/vuln/detail/CVE-2025-63681 [ADVISORY]
- https://github.com/TOAST-Research/pocs/blob/main/openwebui/arbitirary_task_stop/report.md [WEB]
- https://github.com/open-webui/open-webui [PACKAGE]
- https://github.com/open-webui/open-webui/blob/46ae3f4f5d7d4d706041bdae4ad2d802e568712b/backend/open_webui/main.py#L1652 [WEB]