CVE Vulnerability Details :
CVE-2026-56399
PUBLISHED
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-30 Jun, 2026 | 22:08
Updated At-01 Jul, 2026 | 14:28
Rejected At-
CVE Numbering Authority (CNA)
Open WebUI - Server-Side Request Forgery via Location Redirect in /api/v1/retrieval/process/web

Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticated users to bypass SSRF protections. Attackers can manipulate URL parameters with location redirect headers to access internal services and potentially execute commands via instance secrets.

Affected Products
Vendor: open-webui
Product: open-webui
Default Status: unaffected
Versions
Affected
  • From 0 before 0.6.27 (semver)
Unaffected
  • 0.6.27 (semver)
Problem Types
Type: CWE
CWE ID: CWE-918
Description: Server-Side Request Forgery (SSRF)
Metrics
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Credits
reporter: Mosstrow
References
Hyperlink: https://github.com/open-webui/open-webui/security/advisories/GHSA-82r6-c5jm-f3mw
Resource: vendor-advisory
Hyperlink: https://github.com/open-webui/open-webui/commit/02238d3113e966c353fce18f1b65117380896774
Resource: patch
Hyperlink: https://www.vulncheck.com/advisories/open-webui-server-side-request-forgery-via-location-redirect-in-api-v1-retrieval-process-web
Resource: third-party-advisory
Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
References
Hyperlink: https://github.com/open-webui/open-webui/security/advisories/GHSA-82r6-c5jm-f3mw
Resource: exploit