Description
Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of credentials provided to the endpoint. The issue results from transmitting sensitive information in plaintext. An attacker can leverage this vulnerability to disclose transmitted credentials, leading to further compromise. Was ZDI-CAN-28259.
Published: 2026-01-23
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure via Unencrypted Credential Transmission
Action: Assess
AI Analysis

Impact

This vulnerability arises when Open WebUI transmits credentials in cleartext to the exposed endpoint. An attacker who can observe traffic on the same network segment can capture those credentials without requiring authentication, potentially enabling further compromise of the target system.

Affected Systems

The affected product is Open WebUI version 0.6.32. No other versions were explicitly listed in the CNA data.

Risk and Exploitability

The CVSS score of 6.5 reflects a moderate severity vulnerability, and the EPSS score of less than 1% indicates a low probability of exploitation at the time of analysis. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is a network‑adjacent attacker who can sniff traffic to the vulnerable endpoint; no credentials are needed to trigger the disclosure.

Generated by OpenCVE AI on April 18, 2026 at 03:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Verify whether a newer Open WebUI release contains a fix that encrypts credential transmission; if available, upgrade to that version.
  • Limit network access to the credential endpoint with firewall rules or network segmentation so only trusted hosts can reach it.
  • Enforce encrypted transport (HTTPS/TLS) for all authentication traffic, ensuring that the endpoint does not accept cleartext requests over unencrypted connections.

Generated by OpenCVE AI on April 18, 2026 at 03:16 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 30 Jan 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Openwebui
Openwebui open Webui
CPEs cpe:2.3:a:openwebui:open_webui:0.6.32:*:*:*:*:*:*:*
Vendors & Products Openwebui
Openwebui open Webui
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Fri, 23 Jan 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 23 Jan 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Open-webui
Open-webui open-webui
Vendors & Products Open-webui
Open-webui open-webui

Fri, 23 Jan 2026 04:00:00 +0000

Type Values Removed Values Added
Description Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of credentials provided to the endpoint. The issue results from transmitting sensitive information in plaintext. An attacker can leverage this vulnerability to disclose transmitted credentials, leading to further compromise. Was ZDI-CAN-28259.
Title Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability
Weaknesses CWE-319
References
Metrics cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Subscriptions

Open-webui Open-webui
Openwebui Open Webui
cve-icon MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-01-23T16:33:51.687Z

Reserved: 2026-01-08T22:50:10.918Z

Link: CVE-2026-0767

cve-icon Vulnrichment

Updated: 2026-01-23T16:33:47.579Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-23T04:16:03.660

Modified: 2026-01-30T19:36:59.573

Link: CVE-2026-0767

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T03:30:25Z

Weaknesses